Creating and Managing Policies
Creating a Policy
- Log in to Britive.
- Click on Admin->Secrets Manager->Britive Vault.
- Select the node where the policy needs to be created.
- Click on the Policies tab. You can also select Add Policy from the overflow menu of a particular node.
- Click on the Add Policy button to add a new policy and enter the following:
  - General
    - Enter the Policy Name.
    - Enter the description (optional).
    - Access Type: Select either Allow or Deny.
    - Include all resources in the hierarchy below the resource path?
  - Members:
    - Users: Add All users or add selected users for this policy by clicking on Add Users.
    - Tags: Add All tags or selected tags for this policy by clicking on Add Tags.
    - Service identities: Add All Service Identities or selected service identities for this policy by clicking Add Service Identities.
    - API tokens: Add All API Tokens or selected API tokens for this policy by clicking on Add API Tokens.
  - Permissions:
    - Access Level: The user gets access to the secrets based on the following:
      - View
      - Create, Edit
      - Manage
  - Generic Conditions:
    - IP based: Select if you want access based on the IP addresses. Enter an IP address or a list of comma-separated IP addresses in the text box.
    - Time based: Select the Start and End Date/Time range or Set Time Schedule for applying the policy.
  - Step-up Verification:
    - Select Yes to enable step-up verification for this secrets policy. If this option is enabled, the user is prompted for an OTP before viewing secret details. The step-up verification validity is configured in the step-up verification validity settings in the Security tab. For more information, see Configuring Step-up Verification Validity.
    - Once step-up verification is enabled, you can choose (Yes/No) whether a previous successful verification can be reused for subsequent viewing of secrets.
  - Approvals: Select whether the user needs approval to access a profile. Enter the following details if you select Approval Required as Yes:
    - Notifications: Select notification medium(s) using the Add Notification button. Notification mediums must be created in the Admin->Global Settings section before they can be used. For more details, see Creating and Managing Notification Mediums. Note: You can add only one Slack notification medium per policy.
    - Users: Select the users from the user list. A notification is sent to these users for approval.
    - Tags: Select the tags from the list.
    - Maximum time to Approve: Enter the time in Hours:Minutes format. The approval request expires if it is not approved within this time.
    - Approval Validity: Enter the number of days or hours for access validity after the request is approved.
- Click Save and Enable after all the configuration is done.
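A pre-save review of the settings described above, as an added example that is not Britive code and does not call any Britive API. The dictionary field names and finding codes are hypothetical, the IP field is checked as single addresses because that is how the step words it, and treating the Approvals "Tags" selection as approvers is an assumption.

```python
import ipaddress
import re

def parse_ip_list(text):
    """Validate the comma-separated 'IP based' value; raises ValueError on a bad entry."""
    return [ipaddress.ip_address(p.strip()) for p in text.split(",") if p.strip()]

def parse_hours_minutes(text):
    """Convert a 'Maximum time to Approve' value (Hours:Minutes) to minutes."""
    m = re.fullmatch(r"(\d+):([0-5]\d)", text.strip())
    if not m:
        raise ValueError(f"not in Hours:Minutes format: {text!r}")
    return int(m.group(1)) * 60 + int(m.group(2))

def review_policy(draft):
    """Return finding codes for a draft policy. The dict layout is hypothetical."""
    findings, ips = [], []
    try:
        ips = parse_ip_list(draft.get("ip_list", ""))
    except ValueError:
        findings.append("BAD_IP_ENTRY")
    guarded = bool(ips or draft.get("time_window") or draft.get("step_up")
                   or draft.get("approval_required"))
    all_members = any(v == "all" for v in draft.get("members", {}).values())
    if draft.get("access_type") == "Allow" and all_members:
        if draft.get("access_level") == "Manage":
            findings.append("ALL_MEMBERS_MANAGE")    # widest level for everyone
        if not guarded:
            findings.append("ALL_MEMBERS_NO_GUARD")  # no condition, step-up or approval
    if draft.get("approval_required"):
        if not (draft.get("approver_users") or draft.get("approver_tags")):
            findings.append("NO_APPROVERS")          # nobody listed to approve
        try:
            if parse_hours_minutes(draft.get("max_time_to_approve", "")) == 0:
                findings.append("ZERO_APPROVAL_WINDOW")
        except ValueError:
            findings.append("BAD_APPROVAL_TIME")
    return findings

# Constructed sample drafts (not exported from any real tenant).
BROAD = {"access_type": "Allow", "access_level": "Manage",
         "members": {"users": "all"}, "ip_list": "203.0.113.10, 10.0.0.999",
         "approval_required": True, "max_time_to_approve": "90"}
SCOPED = {"access_type": "Allow", "access_level": "View",
          "members": {"users": ["alice@example.com"]},
          "ip_list": "203.0.113.10,198.51.100.7", "step_up": True,
          "approval_required": True, "approver_users": ["bob@example.com"],
          "max_time_to_approve": "1:30"}
if __name__ == "__main__":
    print(review_policy(BROAD), review_policy(SCOPED))
```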
Managing Policies
You can Edit/Enable/Disable/Delete a policy.
- Log in to Britive.
- Click on Admin->Secrets Manager->Britive Vault.
- Click on the Policies tab.
- Select the action for the policy to be managed.
  - Manage Policy: You can edit some parts of the policy after creating a policy. You can edit the Secret Name, Description, and secret details based on the selected secret template.
  - Enable/Disable Policy: You can enable or disable a particular policy created by you.
  - Delete: Delete any policy created by you. A user cannot delete predefined policies.