You can create authorization rules to authorize multiple users to manage assets at the same time. You can also specify validity periods during which the users remain authorized. This way, you can manage users and assets more efficiently and limit the time periods during which users can access assets. This topic describes how to create an authorization rule and associate it with assets and users.
Prerequisites
Assets and users are imported to your bastion host. For more information, see Add hosts and Manage users.
Procedure
1. Log on to the Bastionhost console. In the top navigation bar, select the region in which your bastion host resides.
2. In the bastion host list, find the bastion host that you want to manage and click Manage.
3. In the left-side navigation pane, click Authorization Rules.
4. On the Authorization Rules page, click Create Authorization Rule.
5. In the Create Authorization Rule panel, configure the parameters and click Create Authorization Rule. The following table describes the parameters for an authorization rule.

   | Parameter | Description |
   | --- | --- |
   | Authorization Rule Name | The name of the authorization rule you want to create. The name must be 1 to 128 characters in length, cannot start with a special character, and can contain only the following special characters: periods (.), underscores (_), hyphens (-), and spaces. |
   | Validity Period | The validity period of the authorization rule you want to create. You can specify the start and end dates of the validity period, as well as the points in time at which the validity period starts and ends. |
   | Remarks | The remarks about the authorization rule. |

6. A message appears to indicate that the authorization rule is created. Click Associate Assets and Users below the message.
7. On the Asset/User tab, associate the new rule with assets, asset groups, users, and user groups.
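The naming requirements and the validity period from the parameter table can be checked before a rule is entered in the console, and again later when reviewing rules for cleanup. The following is an added example, not code from the Bastionhost documentation or product: the `Rule` record and the sample rules are constructed, and it assumes that "special character" means any character that is not a letter or digit and that a rule may have no validity period set.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

ALLOWED_SPECIAL = set("._- ")  # the only special characters the table permits

def name_errors(name: str) -> list[str]:
    """Check a rule name against the three documented naming requirements."""
    errors = []
    if not 1 <= len(name) <= 128:
        errors.append("length must be 1 to 128 characters")
    # Assumption: "special character" means anything that is not a letter or digit.
    if name and not name[0].isalnum():
        errors.append("must not start with a special character")
    bad = sorted({c for c in name if not c.isalnum() and c not in ALLOWED_SPECIAL})
    if bad:
        errors.append("disallowed special characters: " + " ".join(map(repr, bad)))
    return errors

@dataclass
class Rule:  # hypothetical inventory record, not a Bastionhost API object
    name: str
    start: Optional[datetime]  # assumption: None means no validity period was set
    end: Optional[datetime]

def review(rule: Rule, now: datetime) -> list[str]:
    """Return naming and validity-period findings for one rule."""
    findings = name_errors(rule.name)
    if rule.start and rule.end and rule.end <= rule.start:
        findings.append("validity period ends before it starts")
    if rule.end is None:
        findings.append("no end date: access is not time-limited")
    elif rule.end <= now:
        findings.append("expired: candidate for deletion")
    return findings

def utc(y: int, m: int, d: int) -> datetime:
    return datetime(y, m, d, tzinfo=timezone.utc)

NOW = utc(2024, 6, 1)  # fixed review time so the output is reproducible
SAMPLE_RULES = [  # constructed sample data
    Rule("db-maintenance window.2024", utc(2024, 5, 30), utc(2024, 6, 2)),
    Rule("_contractors", utc(2024, 1, 1), utc(2024, 3, 31)),
    Rule("ops/oncall", None, None),
]

if __name__ == "__main__":
    for r in SAMPLE_RULES:
        print(f"{r.name!r}: {review(r, NOW) or 'ok'}")
```

Rules reported as expired are the ones the Manage an authorization rule topic refers to when it mentions deleting expired rules that are no longer required.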
References
Manage an authorization rule: You can modify an authorization rule or delete an expired authorization rule that is no longer required.