From 86af485408627d04d20ede9ef381b8c6274ca0ab Mon Sep 17 00:00:00 2001 From: Michael Borkenstein Date: Fri, 14 Feb 2025 15:16:47 -0600 Subject: [PATCH] ZTIA-506: clarifies infra policy documentation around 'allow email alias' configuration option --- .../partials/cloudflare-one/access/add-infrastructure-app.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx b/src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx index b92bf8e2e22d3d..2156beedd05f00 100644 --- a/src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx +++ b/src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx @@ -24,7 +24,7 @@ import { Tabs, TabItem, Render } from "~/components" 2. Create a rule that matches the users who are allowed to reach the targets. For more information, refer to [Access policies](/cloudflare-one/policies/access/) and review the list of [infrastructure policy selectors](/cloudflare-one/applications/non-http/infrastructure-apps/#infrastructure-policy-selectors). 3. In **Connection context**, configure the following settings: - **SSH user**: Enter the UNIX usernames that users can log in as (for example, `root` or `ec2-user`). - - **Allow users to log in as their email alias**: (Optional) When selected, users who match your policy definition will be able to access the target using their email address prefix. For example, `jdoe@company.com` could log in as `jdoe`. + - **Allow users to log in as their email alias**: (Optional) When selected, users who match your policy definition will be able to access the target using their lowercased email address prefix. For example, `Jdoe@company.com` could log in as `jdoe`. :::note Cloudflare will not create new users on the target. UNIX users must already be present on the server. @@ -135,4 +135,4 @@ The targets in this application are now secured by your infrastructure policies. :::note Gateway [network policies](/cloudflare-one/policies/gateway/network-policies/) take precedence over infrastructure policies. For example, if you block port `22` for all users in Gateway, then no one can SSH over port `22` to your targets. -::: \ No newline at end of file +:::