Control server access
You can efficiently manage server access by assigning user groups to servers. All server-related access including terminal connections, audit log viewing, and monitoring is only allowed for assigned groups.
Assign groups to servers
During registration
- Select Authorized groups when registering server
- Multiple groups can be selected
- Users in selected groups can access the server
For existing servers
- Select server from server list
- Click Update
- Modify Authorized groups
- Click Save
Filter by groups
Filter servers by group in the server list.
Using filters:
- Click Group filter dropdown at top of server list
- Select desired group
- Only servers assigned to that group are displayed
Group-based access control
Control user access to servers through groups.
How it works:
- Add users to a group
- Assign that group to servers
- All group users can access those servers
Example:
Group: developers
Members: user1, user2, user3
Servers: web-server-01, web-server-02
Assigned groups: developers
→ user1, user2, user3 can all access both serversGroup management
Create groups
See Create groups for group creation and management.
Assign users to groups
See Assign users to groups for user assignment.
Best practices
Environment-based separation
Group structure:
- production-servers
- staging-servers
- development-servers
Access permissions:
- production-servers: Senior engineers only
- staging-servers: All engineers
- development-servers: All developersProject-based separation
Group structure:
- project-alpha
- project-beta
- project-gamma
Each project team accesses only their serversRole-based separation
Group structure:
- frontend-team
- backend-team
- devops-team
Teams access only relevant serversMultiple group assignment
A single server can be assigned to multiple groups.
Example:
Server: shared-database-server
Assigned groups:
- backend-team
- devops-team
→ All members of both groups can accessServers without groups
Servers with no assigned groups:
- Accessible only by Superusers
- Regular users cannot access
- Useful for isolated management servers