Skip to main content
Skip table of contents

Configure Server Policies

Overview

You can manage the access policies for servers within your organization. These policies operate based on YAML code, similar to Infrastructure as Code (IaC). You can set the allowed days and times for access, configure the allowable IP addresses, enable auditing, determine whether to allow the use of agents, and set the maximum number of sessions per user.

Configurable Policy Items

  • serverGroup: The server group to which access is allowed.

  • account: The account registered in the server group.

  • protocols: Allowed protocols (supports SSH, SFTP, TELNET, FTP, RDP as of version 10.2).

  • commandRef: The command template applied upon connection.

    • The contents of the selected Command Template can be checked by expanding the Command Policy Detail accordion.

    • For creating and managing command templates, refer to Command Templates.

    • If both Allow and Deny command templates are applied, Deny is prioritized.

  • accessTime: The time when access is allowed.

  • accessWeekday: The days of the week when access is permitted.

  • ipAddress: The IP addresses from which access is allowed.

    • For Security > Resource IP Access Control Configuration settings, only IPs within the allowed range can access.

  • commandAudit: Whether command auditing is applied upon connection.

  • commandDetection: Whether forbidden commands are detected within scripts and aliases.

    • Limitation: (10.2.1) Works only in Bash Shell; commands calling other scripts within a script are blocked.

  • proxyUsage: Whether proxy access through the agent is allowed.

  • maxSessions: The maximum number of simultaneous connections allowed per server.

  • sessionTimeout: The session timeout duration in minutes.

Editing Policy Code

image-20241209-122232.png

Administrator > Servers > Server Access Control > Policies > List Details > Go to Editor Mode

  1. Navigate to the Administrator > Servers > Server Access Control > Policies menu.

  2. Click on the policy you wish to edit from the list.

  3. In the Detail tab, click the Go to Editor Mode button on the right to enter the Code Editor screen.

  4. Use the following methods to modify the policy code in the code editor:

    1. Use the Errors tab at the bottom to debug any errors in the code you’ve edited.

    2. Use the Tips tab at the bottom to review definitions for each item and apply them to the code.

    3. Use the buttons on the right to insert or modify content in the code.

  5. Once the access policy is defined, click the Save button in the upper right corner to save the policy.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close