Creating and Managing Policies
Creating a Policy
- Log in to Britive.
- Click on Admin->Secrets Manager->Britive Vault.
- Select the node where the policy needs to be created.
- Click on the Policies tab. You can also select Add Policy from the overflow menu of a particular node.
- Click on the Add Policy button to add a new policy and enter the following:
- General
- Enter the Policy Name.
- Enter the description (Optional)
- Access Type: Select either Allow or Deny.
- Include all resources in the hierarchy below the resource path?
- Members:
- Users: Add All users or add selected users for this policy by clicking on Add Users.
- Tags: Add All tags or selected tags for this policy by clicking on Add Tags.
- Service identities: Add All Service Identities or selected service identities for this policy by clicking Add Service Identities.
- API tokens: Add All API Tokens or selected API tokens for this policy by clicking on Add API Tokens.
- Permissions:
- Access Level: The user gets access to the secrets based on the following:
- View
- Create, Edit
- Manage
- Generic Conditions:
- IP based: Select if you want access based on the IP addresses. Enter an IP address or a list of comma-separated IP addresses in the text box.
- Time based: Select the Start and End Date/Time range or Set Time Schedule for applying the policy.
- Step-up Verification:
- Select Yes to enable step-up verification for this secrets policy. If this option is enabled, the user is prompted for an OTP to view secret details. The step-up verification validity is configured in the step-up verification validity settings in the Security tab. For more information, see Configuring Step-up Verification Validity.
- Once step-up verification is enabled, you can check (Yes/No) if the previous successful verification can be used for subsequent viewing of secrets.
- Approvals: Select whether the user needs approval to access a profile. Enter the following details if you select Approval Required as Yes:
- Notifications: Select notification medium(s) using the Add Notification button. Before use, notification mediums can be created in the Admin->Global Settings section. For more details, see Creating and Managing Notification Mediums.
- Slack or Slack Application:
- (Optional) Specify the Slack Channel ID:
- To find the Slack Channel ID:
- Right-click on the Slack channel you want to use.
- Select View Channel Details.
- Scroll to the bottom to find the Channel ID.
- Click Validate Channels to validate the listed channels. For private Slack channels, ensure you have integrated the Britive app with the channel before validating the channels. For more information about integrating the app, see Configuring Slack App. Note: You can add only one Slack notification medium per policy.
- Teams Application:
- (Optional) Specify the Team Name:
- To find the channels:
- Go to Teams client.
- Select the Teams for which you want the list of channels.
- Click on See all channels to get the list of channels.
- Click Validate Channels to validate the listed channels.
- Users: Select the users from the list.
- Tags: Select the tags from the list.
- Maximum time to Approve: Enter the time in Hours:Minutes format. The approval request expires if it is not approved in this specified time.
- Approval Validity: Enter the number of days or hours for access validity after the request is approved.
- Click Save and Enable after all the configuration is done.
Managing Policies
You can Edit/Enable/Disable/Delete a policy.
- Log in to Britive.
- Click on Admin->Secrets Manager->Britive Vault.
- Click on the Policies tab.
- Select the action for the policy to be managed.
- Manage Policy: You can edit some parts of the policy after creating a policy. You can edit the Secret Name, Description, and secret details based on the selected secret template.
- Enable/Disable Policy: You can enable or disable a particular policy created by you.
- Delete: Delete any policy created by you. A user cannot delete predefined policies.