Command Templates

Overview

You can manage templates for restricted commands that are not allowed after connecting to servers managed by your organization. Once a command template is set up, it can be reused when configuring access permissions. Command restriction is string-based, and support for regular expressions is also available.

Setting Up a Restricted Command Template

Server access policies can be configured in the Policies menu. For detailed instructions, refer to the commandsRef section in the Configure Server Policies guide.

1. Navigate to the Administrator > Servers > Server Access Control > Command Templates menu.

2. Click the + Create Template button at the top right.

3. To configure the policy, enter the following information for each item:

   1. Base Type : Select whether to allow or deny commands registered in the command template. This field cannot be changed after the command template is created.

      1. Deny: Configure the commands to be denied. Any commands other than the configured ones will be allowed.

      2. Allow: Configure the commands to be allowed. Only the configured commands will be permitted, and all others will be denied.
         *Limitation: (10.2.1) The Allow setting does not work with TELNET and FTP.

   2. Commands (SSH): This is where you configure the command policy for commands executed via the web terminal on the server.

      1. Keyword: Commands can be entered as keywords.

      2. RegEx: Commands can be entered as regular expressions.

   3. Commands (SFTP): This is where you configure the functionality policy for commands executed via web SFTP or FTP on the server. You can restrict actions like deleting directories/files, uploading files, downloading files, and creating directories.

4. Click the Save button at the bottom right to finalize the configuration.