Alauda Container Platform

Introduction

The platform provides comprehensive user security policies to enhance login security and protect against malicious attacks.

TOC

Overview

The platform supports the following security policies:

Password security management
User account disablement
User account locking
User notifications
Access control

Configure Security Policy

Steps

In the left navigation bar, click User Role Management > User Security Policy
Click Update in the top right corner
Configure the security policies as needed
Click Update to save changes

WARNING

Policy Configuration Notes:

Check the box before a policy to enable it
Uncheck the box to disable a policy
Disabled policies retain their configuration data
Previous settings are restored when re-enabling a policy

Available Policies

Policy	Description
User Authentication Policy	Enables dual authentication for password-based login: - Users receive verification codes via specified notification methods - Supports various notification servers (e.g., Enterprise Communication Tool Server)
Password Security Policy	Manages password requirements: First Login: - Forces password change on first platform login Regular Updates: - Requires password change after specified period (e.g., 90 days) - Prevents login until password is updated
User Disablement Policy	Automatically disables inactive accounts: - Triggers after specified period of no login
User Locking Policy	Protects against brute force attacks: Lock Conditions: - Triggers after specified number of failed login attempts within 24 hours Lock Duration: - Account remains locked for specified minutes - Automatically unlocks after lock period expires
Notification Policy	Manages user notifications: - Sends initial password via email after user creation
Access Control	Manages user sessions and access: Session Management: - Auto-logs out inactive sessions after specified time - Limits maximum concurrent online users Browser Control: - Ends session when all product tabs are closed - Prevents multiple logins from same client :::note Important Notes: - Access Control only affects new logins after policy update - Browser tab restoration may not trigger session end - Only last login is allowed per client when preventing repeated login :::