{ "test_id": "SSH-F4", "policy_file": "ssh_policies/ssh_f4.json", "ssh_section": [ { "action": "accept", "src": ["autogroup:member"], "dst": ["tag:server"], "users": ["localpart:*@passkey"] }, { "action": "accept", "src": ["autogroup:member"], "dst": ["tag:server"], "users": ["autogroup:nonroot"] } ], "nodes": { "user1": { "rules": [ { "principals": [{ "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }], "sshUsers": { "root": "" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } }, { "principals": [{ "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }], "sshUsers": { "kratail2tid": "kratail2tid" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } } ] }, "user-kris": { "rules": [ { "principals": [{ "nodeIP": "100.110.121.96" }, { "nodeIP": "fd7a:115c:a1e0::1737:7960" }], "sshUsers": { "root": "" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } } ] }, "user-mon": { "rules": [ { "principals": [{ "nodeIP": "100.103.90.82" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" }], "sshUsers": { "root": "" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } }, { "principals": [{ "nodeIP": "100.103.90.82" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" }], "sshUsers": { "monitorpasskeykradalby": "monitorpasskeykradalby" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } } ] }, "tagged-server": { "rules": [ { "principals": [{ "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }], "sshUsers": { "root": "" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } }, { "principals": [{ "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }], "sshUsers": { "kratail2tid": "kratail2tid" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } }, { "principals": [{ "nodeIP": "100.110.121.96" }, { "nodeIP": "fd7a:115c:a1e0::1737:7960" }], "sshUsers": { "root": "" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } }, { "principals": [{ "nodeIP": "100.103.90.82" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" }], "sshUsers": { "root": "" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } }, { "principals": [{ "nodeIP": "100.103.90.82" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" }], "sshUsers": { "monitorpasskeykradalby": "monitorpasskeykradalby" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } }, { "principals": [ { "nodeIP": "100.103.90.82" }, { "nodeIP": "100.110.121.96" }, { "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::1737:7960" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" } ], "sshUsers": { "*": "=", "root": "" }, "action": { "accept": true, "allowAgentForwarding": true, "allowLocalPortForwarding": true, "allowRemotePortForwarding": true } } ] }, "tagged-prod": { "rules": [] } } }