As an organization owner, you can configure authentication policies to control the security settings for your organization. These settings let you manage how users and machine users access your account. For example, limiting access key lifetimes reduces exposure from compromised keys, and capping the number of machine users supports least-privilege access.
Configuring your authentication policy
Important
Only users with the Organization owner role can view and update authentication policy settings.
To update your authentication policy settings:
- In the Hybrid Manager (HM) console, navigate to Settings.
- Select the Authentication tab.
- Enter the values you want to configure. For details on each setting, see Parameter values.
- Select Save to apply the changes.
Note
Policy changes don't affect existing sessions, machine users, or access keys. Changes take effect immediately for new sessions and newly created machine users and access keys. Decreasing the access key or machine users quota does not impact already provisioned machine users and access keys.
Parameter values
These settings are available under your organization's Settings > Authentication.
| Setting | Description | Default | Valid range |
|---|---|---|---|
| Maximum Machine Users | Maximum number of machine users allowed in your organization. | 4096 | 1 to 2147483647 |
| Maximum Access Keys per Machine User | Maximum number of access keys that can be created for each machine user. | 2 | 1 to 2147483647 |
| Maximum Access Keys per User | Maximum number of access keys that can be created for each normal (human) user account. | 1 | 1 to 2147483647 |
| Maximum Access Key Duration | Maximum lifetime of an access key, in days. Keys expire after this period. | 365 | 1 to 2147483647 |
| Maximum Web Session Duration | Maximum duration of a web session, in seconds. Users are logged out after this period. | 86400 | 1 to 2147483647 |