Help Center/ Host Security Service/ User Guide/ Detection and Response/ Whitelist Management/ Managing the System User Whitelist
Updated on 2025-09-08 GMT+08:00
View PDF
Share

Managing the System User Whitelist

HSS generates risky account alarms when non-root users are added to the root user group. You can add the trusted non-root users to the system user whitelist. HSS does not generate risky account alarms for users in the system user whitelist.

Adding an Item to the System User Whitelist

  1. Log in to the HSS console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation pane on the left, choose Detection & Response > Whitelists.
  4. (Optional) In the upper left corner of the Whitelists page, select the enterprise project to which the server belongs or All projects for Enterprise Project.

    If you have not enabled the enterprise project function, skip this step.

  5. Click the System User Whitelist tab and click Add.

    Figure 1 Configuring the system user whitelist

  6. on the Add to System User Whitelist page, enter the server ID, system username, and remarks.
  7. Click OK.

Modifying the System User Whitelist

  1. (Optional) In the upper left corner of the Whitelists page, select the enterprise project to which the server belongs or All projects for Enterprise Project.

    If you have not enabled the enterprise project function, skip this step.

  2. In the row of the target system user whitelist, click Modify in the Operation column.
  3. In the Modify System User Whitelist dialog box, modify the information and click OK.

Removing an Item from the System User Whitelist

After an account is deleted from the whitelist, HSS will report Unsafe Accounts alarms triggered by the account. Whitelisted items cannot be restored once deleted. Exercise caution when performing this operation. Up to 100 whitelisted system users can be deleted under an account.

  1. (Optional) In the upper left corner of the Whitelists page, select the enterprise project to which the server belongs or All projects for Enterprise Project.

    If you have not enabled the enterprise project function, skip this step.

  2. In the Operation column of a whitelist item, click Delete.

    To delete multiple whitelist items at a time, select them and click Delete above the list. To delete all the whitelist items, directly click Delete.

  3. In the displayed dialog box, confirm the information to be deleted, enter DELETE, and click OK.
  4. Return to the system user whitelist list. Verify that the deleted system users are not displayed.
Parent Topic: Whitelist Management