Step 4: Configure O&M Permissions
Scenarios
To use a bastion host for resource O&M, you still need to configure access control policies, associate users with resources, and assign resource permissions to system users.
Procedure
Step |
Description |
---|---|
New ACL Rule |
You can configure the file transfer permission, user login IP address restrictions, user login time restrictions, and policy validity period. |
Associate ACL rules with users or user groups. |
|
Associate an account or account group with an ACL rule. |
|
Configuration Description
Parameter |
Description |
---|---|
Rule Name |
User-defined name of an ACL rule. The rule name must be unique in the CBH system. |
Period of validity |
(Optional) Effective time and expiration time of a policy. |
File Transmission |
(Optional) Permissions to upload and download host files during O&M.
|
Options |
(Optional) Permissions to manage host resource files, use RDP clipboards, and displays watermarks during O&M. You can select File Manage, Clipboard, or Watermark.
NOTE:
File management is available for the devices using SSH or Remote Desktop Protocol (RDP) protocols. For devices using the Virtual Network Computing (VNC) protocol, file management is available only after the application mapped to this device is released. File management is unavailable for the devices using the Telnet protocol. |
Logon Time Limit |
(Optional) Time period allowed or forbidden for the user to log in to the host. |
IP Limit |
(Optional) Restricts or allows users from specified IP addresses to access resources.
|
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.