.svg?alt=media&token=0f6df7c7-5b98-4a62-98b8-a54e38a8329e){kind=logo}
Tenant Security settings
Configure Tenant Security settings for specific DuploCloud Tenants
Last updated
Configure Tenant Security settings for specific DuploCloud Tenants
Last updated
© DuploCloud, Inc. All rights reserved. DuploCloud trademarks used herein are registered trademarks of DuploCloud and affiliates
Configure these settings (properties) by navigating to Administrator -> Tenants in the DuploCloud Portal. Select the Tenant for which you want to configure the settings listed below and click the Settings tab. The Tenant Feature Properties are listed in the Name column in the Settings tab.
To edit or remove an existing property, click the icon to the left of the property Name and select Edit Setting or Remove Setting. To add any of these settings, click Add. Select and Enable the feature using the Add Tenant Feature pane.
A Default Value of Enabled in the table below displays a property value of True in the UI.
A Default Value of Disabled in the table below displays a property value of False in the UI.
| Tenant Feature Property | Description | Default Value |
|---|---|---|
Enable Encryption at Rest | Configure encryption at rest for AWS resources such as RDS, ElastiCache, ElasticSearch | Disabled |
Block Public Access | Blocks (disables) public access to S3Default | Enabled |
Maximum Session Duration | Configure AWS IAM Role Maximum session duration for the tenant role Provide input in Hours. Additional details can be found here | 3600 seconds (1 Hour) |
Enforce SSL for ES | Require SSL encryption for AWS Elasticsearch | Enabled |
Enforce SSL for S3 | Require SSL encryption for AWS S3 Buckets | Enabled |
Enable node to node encryption for ES | Enables Node-to-node encryption to protects data transferred between nodes using SSL encryption | Enabled |
Automatically rotate KMS keys | Enables automatic rotation of KMS keys to prevent extensive key reuse | Enabled |
Delete protection | Protects Tenants from accidental deletion. See Deleting a Tenant | Enabled |
AWS Access Token Validity | AWS Console JIT (Just-In-Time) session token validation time in seconds before time-out | 3600 seconds (1 Hour) |
Restrict Pubic IP for Non-Admin | Restricts Non-Administrators from creating a load balancer that uses a Public IP address | Disabled |
Restrict EC2 instance create in public subnet for non-admin | Restricts Non-Administrators from creating EC2 Instances that use a Public IP address | Disabled |
Restrict non-ssl listener create for non-admin | Restricts Non-Administrators from creating a load balancer without SSL certificates | Disabled |
