Protection for Mission-Critical Operations
Scenarios
ELB supports sensitive operation protection. When you perform sensitive operations on the management console, you need to enter a credential that can prove your identity. You can perform corresponding operations only after your identity is authenticated. It is recommended that you enable operation protection to secure your account.
This function can be configured only by the administrator and takes effect for the resources in your account and the resources of users under your account. Common users have only the view permissions. To modify the permissions, contact the administrator.
Enabling Operation Protection
Operation protection is disabled by default. Perform the following operations to enable it:
- Log in to the management console.
- Move the cursor to the username in the upper right corner of the page and select Security Settings from the list.
Figure 1 Security settings
- On the Security Settings page, choose Critical Operations > Operation Protection > Enable.
Figure 2 Critical operations
- On the Operation Protection page, select Enable.
If operation protection is enabled, you and IAM users created using your account need to enter a verification code when performing a critical operation, such as deleting an ECS resource.
- When performing a critical operation, you will be asked to choose a verification method from email, SMS, and virtual MFA device.
- If you have bound only a mobile number, only SMS verification is available.
- If you have bound only an email address, only email verification is available.
- If you have not bound an email address, mobile number, or virtual MFA device, bind one to perform critical operations.
- You can change the mobile number, email address, and virtual MFA device on the Basic Information page.
- When performing a critical operation, you will be asked to choose a verification method from email, SMS, and virtual MFA device.
Verifying Operation Protection
After operation protection is enabled, when you perform a mission-critical operation, the system will verify your identity.
- If you have bound an email address, enter the email verification code.
- If you have bound a mobile number, enter the SMS verification code.
- If you have bound a virtual MFA device, enter a 6-digit dynamic verification code of the MFA device.
When you attempt to delete a load balancer, the following dialog box is displayed, and you need to select a verification method:
Disabling Operation Protection
Perform the following operations to disable operation protection:
- Log in to the management console.
- Move the cursor to the username in the upper right corner of the page and select Security Settings from the list.
Figure 4 Security settings
- On the Security Settings page, choose Critical Operations > Operation Protection > Change.
Figure 5 Modifying operation protection settings
- On the Operation Protection page, select Disable and click OK.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
