command_restrictions
SSH shell/exec command restrictions for the principal
enabledboolean
Are command restrictions enabled
default_whitelist object
Default whitelist handle, required if command restrictions are enabled
idstring<uuid>required
Whitelist ID
namestring
Whitelist name
deletedboolean
Has whitelist been deleted, ignored in requests
rshell_variantstring
Restricted shell variant, required if command restrictions are enabled
Possible values: [bash
, posix
]
bannerstring
Optional banner displayed in SSH terminal
allow_no_matchboolean
If true then commands that do not match any whitelist pattern are allowed to execute
audit_matchboolean
If true then an audit event is generated for every allowed command
audit_no_matchboolean
If true then an audit event is generated for every disallowed command
whitelists object[]
Array [
whitelist object
idstring<uuid>required
Whitelist ID
namestring
Whitelist name
deletedboolean
Has whitelist been deleted, ignored in requests
roles object[]
List of roles granting access to the whitelist
Array [
idstring<uuid>required
Role ID
namestring
Role name
]
]
command_restrictions
{
"enabled": true,
"default_whitelist": {
"id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"deleted": true
},
"rshell_variant": "bash",
"banner": "string",
"allow_no_match": true,
"audit_match": true,
"audit_no_match": true,
"whitelists": [
{
"whitelist": {
"id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"deleted": true
},
"roles": [
{
"id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string"
}
]
}
]
}