Applies to Roles (in environments)

  • System Administrator (DEV, UAT, NFT, PROD)
  • Developer (DEV, UAT, NFT)
  • Backoffice User (UAT, PROD)
  • Quality Assurance User (DEV, UAT, NFT)

Web Application Firewall (WAF) users can access internal and private Athena deployed resources, such as Content Management System (CMS) Administration console, DEV environment services (Jenkins, Nexus, etc.). In order to do that they need to install client certificate in their browser to enable SSL Mutual authentication.

Access required

  • System Administrator

Command

For detailed information please check athena-users waf command documentation.

athena-users waf [WAF-OPTIONS] COMMAND [ARGS]...

Parameters

  • activate - Activate user WAF access, Send p12 file to user.
    • <username> - User name, for example: john.smith.
    • <email> - Email to which WAF configuration will be sent.
  • create - Create user WAF access (without activating it).
    • <username> - User name, for example: john.smith.
    • <email> - Email to which WAF configuration will be sent.
    • <password> - User password.
  • list - List all issued client certificates, revoked certificates are marker with "R".
  • remove - Remove user WAF access (Side effect: removes user VPN access as well).
    • <username> - User name, for example: john.smith.
    • <email> - Email to which WAF configuration was sent.
  • reset - Reset p12 file password.
    • <username> - User name, for example: john.smith.
    • <email> - Email to which WAF configuration will be sent.
    • <password> - New password.
  • signup - Send new user signup notification to administrator.
    • <username> - User name, for example: john.smith.
    • <email> - Email to which WAF configuration will be sent.

Options

  • WAF-OPTIONS
    • -u/--user-type [client, server, remote] - Client certificate type.

Examples

  • To generate WAF SSL certificate and send it to the user
athena-users waf create john.smith john.smith@gmail.com p4$Sw0rd &&
athena-users waf activate john.smith john.smith@gmail.com
  • To resend WAF SSL certificate
athena-users waf reset john.smith john.smith@gmail.com p4$Sw0rd
  • To list issued WAF certificates
athena-users waf list
  • To revoke WAF SSL certificate
athena-users waf remove john.smith john.smith@gmail.com