Updated on 2022-11-30 GMT+08:00

Before You Start

This document provides instructions for getting started with Cloud Bastion Host (CBH). CBH gives you the ability to:

  • Log in to the CBH system using a web browser or SSH client, create system users, add resources, configure permission policies, and grant O&M permissions to system users based on their responsibilities.
  • Log in to the managed resources within granted permissions.
  • Audit O&M sessions, logins, and system operations by resource and/or user.

Figure 1 shows how to configure a CBH instance and use the mapped CBH system for secure O&M.

Figure 1 Process
Table 1 Process overview



Logging in to a CBH system

After you enable a CBH instance, obtain the IP address to log in to the CBH system that maps to the CBH instance.

The admin user is the first user that can log in to the CBH system. The password of the admin user is the one you set when you purchase the CBH instance.

Creating a user

Create a CBH system user. Each user corresponds to an account for logging in to the CBH system.

Adding resources

Add resources and their accounts to the CBH system.

  • Linux hosts, Windows hosts, databases, and applications can be added.
  • After you add resources to CBH, add the accounts of the added resources to the CBH system so that you can directly access the managed resources through CBH for O&M.

Configuring O&M permissions

Create access control rules.

You can grant permissions to each system user based on their responsibilities to determine which users can perform O&M on a specific resource.

Logging in to a managed resource

Multi-factor authentication can be configured for different types of resources.

Auditing O&M sessions

You can audit logins, operations on managed resources, and O&M sessions in the CBH system.