Before Bastionhost users can perform O&M operations, the administrator must grant permissions to the users to perform O&M operations on specific hosts and host accounts. This topic describes how to grant permissions on assets and asset accounts.

Authorize a user to manage hosts

To authorize a user to manage hosts, perform the following steps:

  1. Log on to the console of your bastion host. For more information, see Log on to the console of a bastion host.
  2. In the left-side navigation pane, choose Users > Users.
  3. Find the user whom you want to authorize to manage hosts and click Authorize Hosts in the Actions column.
    Authorize a user to manage hosts
  4. On the Managed Hosts tab, click Authorize Hosts.
  5. In the Authorize Hosts panel, select one or more hosts you want to authorize the user to manage and click OK.

Authorize the accounts of a single host for a user

To authorize the accounts of a single host for a user, perform the following steps:

  1. Log on to the console of your bastion host. For more information, see Log on to the console of a bastion host.
  2. In the left-side navigation pane, choose Users > Users.
  3. Find the user whom you want to authorize to manage hosts and click Authorize Hosts in the Actions column.
    Authorize a user to manage hosts
  4. On the Managed Hosts tab, click the account name or No accounts found. Click here to authorize the user to manage the accounts of the asset group. in the Authorized Accounts column.
    Authorize the accounts of a single host
  5. In the Select Account panel, select one or more accounts and click Update.
    Note If no account is created on the host, you can click Create Host Account in the Select Account panel to create an account.

Authorize the accounts of multiple hosts for a user

To authorize the accounts of multiple hosts for a user at a time, perform the following steps:

  1. Log on to the console of your bastion host. For more information, see Log on to the console of a bastion host.
  2. In the left-side navigation pane, choose Users > Users.
  3. Find the user whom you want to authorize to manage hosts and click Authorize Hosts in the Actions column.
    Authorize a user to manage hosts
  4. On the Managed Hosts tab, select the hosts whose accounts you want to authorize for the user and choose Batch > Bind Accounts to Multiple Asset Groups. Authorize the accounts of multiple hosts for a user
  5. In the Bind Accounts to Multiple Asset Groups panel, specify Accounts.
    Bind Accounts to Multiple Asset Groups
    Note When you want to authorize the accounts of multiple hosts for a user at a time, you can select only one host account at a time.
  6. Click Update.