Help Center/ Cloud Bastion Host/ User Guide/ Allowing Access to Cloud Assets
Updated on 2025-02-22 GMT+08:00
View PDF
Share

Allowing Access to Cloud Assets

CBH has been interconnected with Key Management Service (KMS), Cloud Secret Management Service (CSMS), Elastic Cloud Server (ECS), and Relational Database Service (RDS), making it easier for you to use managed credentials on CBH.

After you authorize CBH to access KMS, CSMS, ECS, and RDS, it takes about 10 minutes before the bastion host can obtain the delegation token.

For details about how to create a secret, see Data Encryption Workshop - Credential Management.

For secrets invoked through the bastion host, the account and password must comply with Key specifications.

Example:

username:root

password:*****

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project. In the upper left corner of the page, click and select a region. Choose Security & Compliance > Cloud Bastion Host to go to the CBH instance management page.

    Figure 1 Instance list
    Table 1 Instance parameters

    Parameter

    Description

    Instance Name

    Instance name you specify. It cannot be modified after the instance is created.

    Status

    Status of the instance, including the status of the standby host.

    Instance Type

    Instance type you select.

    Login Address

    Private IP address of the instance.

    EIP

    EIP of the instance.

    Billing Mode

    Billing mode of the current instance.

    Enterprise Project

    Enterprise project that the instance belongs to.

  3. Click Cloud Asset Authorization in the upper right corner.
  4. In the displayed dialog box, switch to in the Operation column to enable the authorization.

    Figure 2 Cloud asset authorization

  5. For details about how to add a resource account, see Creating a Resource Account and Associating It with Resources.