Setting Two-person Authorization
Two-person authorization, also known as two-person approval, adds an additional layer of resource security during O&M. After two-person authorization is configured, O&M personnel can access core resources only after being authorized and authenticated by the administrator onsite. Even if the O&M personnel account is lost, the information of business-critical resources will not be disclosed, reducing O&M risks and ensuring the security of critical assets.
Constraints
Only department administrators of the current and superior departments, including the system administrator admin, can be selected as the approvers for two-person authorization.
Prerequisites
- You have the operation permissions for the ACL Rules module.
- The ACL rule has been related to the system user and managed accounts.
Procedure
- Log in to your bastion host.
- Choose Policy > ACL Rules to enter the ACL rule list page.
- Select an ACL rule you want to enable two-person approval, and choose More > Approver in the Operation column. The Edit Approvers dialog box is displayed.
- Select one or more department administrators and set them as approvers of two-person authorization.
- Click OK.
Follow-up Operations
After two-person authorization is successfully configured, double authorization is required when the user related to this rule accesses the resource.
The user needs to select an approver and enter the account password of the approver. The user then can access the resource only after the verification is successful.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot