ec2-useras the allowed target user. Through the BastionZero command logs, the administrator can then identify which SSO user entered what command as the
ec2-useron a particular target.
postgresas the allowed target user.
stdout. However, the administrator has the option to also record
kubectlactions, including shell
exec, against the cluster. An SSO user may assume a particular cluster role, based on policy. This role can be defined as a particular target user or target group depending on whether a user or group was specified when the
k8srole binding was made. BastionZero is very flexible in this regard, and the
k8scommand logs will again disambiguate which SSO user executed which
kubectlcommand within a particular user or group to role binding.
X-API-KEYheader for any application, such as Postman, curl, or your own business logic.
Deny. Registration keys can be associated to an application, an end user, or an administrator in multiple ways within BastionZero.