Managing Tags

You can use tags to manage clientless access for a set of applications. Tags enable administrators to categorize resources by purpose, owner, environment, or other criteria.

Tags can help to:

• Manage access at scale - easily manage access to hundreds of servers with a few clicks.

• Manage access to dynamic services - together with resource discovery, you can manage access to services as they are shut down and set up dynamically.

• Organize user portal - bundle applications together to a folder, for easier access by the end users.

Inspired by AWS Tagging Best Practices, each tag consists of a Key and Value pair:

• Key: Determines the method of the application grouping. Examples for commonly used keys are Environment, Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing., Group, Data center, etc. Each key holds a designated color to help you navigate.

• Value: Tag value is the application group name, based on the key. For example, values for the Environment key can be Production, Dev, and Staging.

From an end-user perspective, tags can be translated to folders in the User App Portal. Hence, users can view all the applications assigned to a specific tag in a designated folder in their portal.

Manage Tags with Harmony Connect Application-Level

You can add and populate tags with two methods:

• Resource Discovery - The AWS Discovery allows administrators to automatically fetch AWS tags and instances, and create a continuous sync.

• Locally - Create tags by defining keys and values, populate them with applications, and assign them to groups.

  To manage tags locally:

  1. Click the Edit Keys option in the Tags page to add keys to the system. This window allows you to add new keys, edit, and delete existing keys.

     

  2. Click the Add Tag button to create tags and assign values to the keys you created.

     

  3. Click Save.

Managing Local Groups

Group assignment to an application can be done in two ways:

1. Directly: the group is matched to an application.

2. Through tag: the group is assigned to a tag that contains the application.

   This can be done:

   • through the tag:

     

   • through the application / group, in the Details tab

     

   Hence, a user can be assigned to an application through multiple sources (directly / tags), you can view it in the access permissions tab.

   Note - You can only unassign the user directly / through tag, based on the assignment type.

   

Folders

You can choose to display a tag as a folder in the portal by marking the selection box when adding a tag. This can be edited at any given time. The behavior is based on the way the user is assigned to the application:

• Directly - Application appears in the general portal page.

• Through a tag (non-folder) - Application appears in the general portal page.

• Through a tag (folder) - Application appears inside the tag folder.

If a user is assigned through multiple sources, the application appears in several folders or in both a folder and the general portal page.