Data model

FUDO operates on four object types:

  • user,
  • server,
  • bastion,
  • connection.

User defines a subject entitled to connect to remote servers within the monitored IT infrastructure. A detailed subject definition (i.e. unique login, full name, email address etc.) makes it possible to precisely identify the user connecting to a server, even though the login/password combination used to authenticate the user on the target host is substituted with different values.

Server is a definition of an IT infrastructure resource which can be accessed over one of the specified protocols.

Connection defines the relation between user and server objects, precisely determining access rights and user authorization specifics.

Note

Connections allow for convenient IT infrastructure access management. Defining a connection for external consultants responsible for managing a server farm makes granting temporary access only a matter of activating the given connection, with no need to manage access at the user and server level.

Bastion enables accessing a group of monitored servers through the same IP address and port number combination. A single server is identified by its name included in the user login, e.g. ssh john_smith#mail_server@10.0.0.8 -p 999. Bastions allow maintaining access through the protocols' default port numbers.
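
The following is an added example, not FUDO's own code: an illustrative Python model of how a bastion login such as john_smith#mail_server resolves to a server only when an active connection links that user and server. The class names, the status strings and the rule of splitting at the last '#' are assumptions made for the illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Connection:
    """Relation between users and servers; grants access only while active."""
    name: str
    users: frozenset
    servers: frozenset
    active: bool = True


@dataclass
class Bastion:
    """One IP/port pair in front of several servers (illustrative model)."""
    servers: set
    connections: list = field(default_factory=list)

    def resolve(self, login: str) -> str:
        """Return the target server for a 'user#server' login, or raise."""
        # Assumption: the last '#' separates the user from the server name.
        user, sep, server = login.rpartition("#")
        if not sep or not user or not server:
            raise ValueError("bastion login must be user#server")
        if server not in self.servers:
            raise LookupError(f"server {server!r} is not behind this bastion")
        for conn in self.connections:
            if conn.active and user in conn.users and server in conn.servers:
                return server
        raise PermissionError(f"no active connection for {user!r} -> {server!r}")


def try_login(bastion: Bastion, login: str) -> str:
    """Map the outcome of resolve() to a short status string."""
    try:
        return "allow:" + bastion.resolve(login)
    except (ValueError, LookupError, PermissionError) as exc:
        return "deny:" + type(exc).__name__


# Constructed sample data, reusing the names from the login example above.
consultants = Connection("consultants", frozenset({"john_smith"}),
                         frozenset({"mail_server"}), active=False)
bastion = Bastion(servers={"mail_server", "db_server"},
                  connections=[consultants])
```

Setting consultants.active to True is the only change needed to grant access; the user and server definitions stay untouched.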

Proper system operation requires configuration of servers, users and connections.

Warning

Data model objects (users, servers, bastions and connections) are replicated within the cluster, and object instances must not be added on each node. If the replication mechanism fails to copy objects to other nodes, contact the technical support department.

Related topics: