Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/content/en/administrator-manual/databases.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ Clicking on linked items will take you to a page where you can immediately check
</th>
<td>
* [Synchronize DB Resources from AWS](databases/connection-management/cloud-providers/synchronizing-db-resources-from-aws)
* [DB Connections | Manually Registering DB Connections](databases/connection-management/db-connections#db-%ec%bb%a4%eb%84%a5%ec%85%98-%ec%88%98%eb%8f%99%ec%9c%bc%eb%a1%9c-%eb%93%b1%eb%a1%9d%ed%95%98%ea%b8%b0)
* [DB Connections | Manually Registering DB Connections](databases/connection-management/db-connections#manually-registering-db-connections)
* [Data Source-Specific Setup Guide](databases/connection-management/db-connections/mongodb-specific-guide)
</td>
</tr>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ Administrator &gt; Databases &gt; Connection Management &gt; Cloud Providers
6. Enter the **Credential** information required to synchronize resources.
* Provides a manual synchronization method that enters GCP's Service Account when clicking the `Synchronize` button. <br/>Starting from QueryPie 10.2.2, the "Save Credential for Synchronization" option is provided to enable scheduled synchronization even when using `Service Account` as the Credential type.
* Starting from 11.5.6, HashiCorp Vault's Google Cloud secret engine is supported, allowing synchronization without storing static credentials. You can select `Vault(GCP)` in the Credential type field.
* To use this feature, you must first configure "Vault Secret Store" in General &gt; System &gt; Integration &gt; HashiCorp Vault, and configure a `Role set` in Vault to specify the `Roleset Path`. <br/>&lt; Reference &gt; [Entering HashiCorp Vault Integration Information | Entering-HashiCorp-Vault-Integration-Information](../../../general/system/integrations/integrating-with-secret-store#hashicorp-vault-%ec%97%b0%eb%8f%99-%ec%a0%95%eb%b3%b4-%ec%9e%85%eb%a0%a5%ed%95%98%ea%b8%b0) <br/>&lt; Reference &gt; [Role set : Hashicorp Vault Google Cloud secret engine](https://developer.hashicorp.com/vault/docs/secrets/gcp#rolesets)
* To use this feature, you must first configure "Vault Secret Store" in General &gt; System &gt; Integration &gt; HashiCorp Vault, and configure a `Role set` in Vault to specify the `Roleset Path`. <br/>&lt; Reference &gt; [Entering HashiCorp Vault Integration Information | Entering-HashiCorp-Vault-Integration-Information](../../../general/system/integrations/integrating-with-secret-store#entering-hashicorp-vault-integration-information) <br/>&lt; Reference &gt; [Role set : Hashicorp Vault Google Cloud secret engine](https://developer.hashicorp.com/vault/docs/secrets/gcp#rolesets)
* Roleset Path can use an access token-based path or service account key-based path depending on the Vault configuration.
7. **Database Type Filter** Select the resources you want to synchronize.
8. **Search Filter** You can get a list of specific types of resources you want to synchronize.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ ______
<Callout type="info">
In DAC, privileges have two time-based limits: `Privilege Deactivation Period` and `Privilege Expiration Date`.
* **Privilege Deactivation Period** : If a user does not access a target for which they have been granted privileges within the period configured by an administrator in **Privilege Deactivation Period** under `Admin > Databases > General > Configurations`, the privilege becomes “Deactivated”. Administrators can change a “Deactivated” status back to “Active”.
* [Switching a Deactivated status to Active | Revoking Access-Control privileges](db-access-control/access-control#access-control-%ea%b6%8c%ed%95%9c-%ed%9a%8c%ec%88%98%ed%95%98%ea%b8%b0)
* [Switching a Deactivated status to Active | Revoking Access-Control privileges](db-access-control/access-control#revoking-access-control-privileges)
* **Privilege Expiration Date** : This time limit is set when an administrator specifies **Expiration Date** while granting a specific user privileges to a specific connection in `Admin > Databases > DB Access Control > Access Control`****, or when a user specifies **Access Expiration Date** while requesting access through a Workflow `DB Access Request`.
* **Note** : If the `Privilege Deactivation Period` arrives before the `Privilege Expiration Date`, the privilege becomes **Deactivated** and can be changed to Active by an administrator. If the `Privilege Expiration Date` arrives before the `Privilege Deactivation Period`, the privilege is **Expired** and revoked. Once revoked, the user must request access again through Workflow, or an administrator must grant new access.
</Callout>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ Okta Admin Console &gt; Applications &gt; Applications &gt; Create App Integrati
8. In the Feedback step, select `I'm an Okta customer adding an internal app` and click the `Finish` button at the bottom.
9. After the Application is created, go to the General tab at the top and click the `Edit` button on the right of the **App Settings** menu.
10. Select **SCIM** for the Provisioning field and click the `Save` button.
11. Complete SSO integration by following [Integrating with Okta | Setting QueryPie Application Integration Information in Okta](../authentication/integrating-with-okta#okta%ec%97%90%ec%84%9c-querypie-%ec%95%a0%ed%94%8c%eb%a6%ac%ec%bc%80%ec%9d%b4%ec%85%98-%ec%97%b0%eb%8f%99-%ec%a0%95%eb%b3%b4-%ec%84%a4%ec%a0%95) and [Integrating with Okta | Configuring Okta Integration and Synchronization in QueryPie](../authentication/integrating-with-okta#querypie%ec%97%90%ec%84%9c-okta-%ec%97%b0%eb%8f%99-%eb%b0%8f-%eb%8f%99%ea%b8%b0%ed%99%94-%ec%84%a4%ec%a0%95), then proceed with the following steps.
11. Complete SSO integration by following [Integrating with Okta | Setting QueryPie Application Integration Information in Okta](../authentication/integrating-with-okta#configure-integration-information-for-the-querypie-application-in-okta) and [Integrating with Okta | Configuring Okta Integration and Synchronization in QueryPie](../authentication/integrating-with-okta#configure-okta-integration-and-synchronization-in-querypie), then proceed with the following steps.


______
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -227,5 +227,5 @@ You can register server group members to specify Server Groups displayed in user

<Callout type="info">
To limit Server Groups shown in Workflow, you must activate the "Show Server Groups in Workflow if Assigned as Member" item in Admin &gt; Servers &gt; General &gt; Configurations.
For detailed location, please refer to the [Server Access Request Default Settings | Basic Server Access Policy Settings](../../sac-general-configurations#%ea%b8%b0%eb%b3%b8-%ec%84%9c%eb%b2%84-%ec%a0%91%ea%b7%bc-%ec%a0%95%ec%b1%85-%ec%84%a4%ec%a0%95) guide.
For detailed location, please refer to the [Server Access Request Default Settings | Basic Server Access Policy Settings](../../sac-general-configurations#default-policy-settings-for-server-permission-requests) guide.
</Callout>
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ Therefore, even if you are within the displayed IP range, final access may be de
* **Password Provisioning :** Setting for using password provisioning
* Periodically change passwords for server accounts of registered servers
* When set to On, the following changes occur:
* In [Managing Servers as Groups | 3.-Registering-Accounts](connection-management/server-groups/managing-servers-as-groups#3.-accounts-%eb%93%b1%eb%a1%9d%ed%95%98%ea%b8%b0), account selection options for password provisioning are added
* In [Managing Servers as Groups | 3.-Registering-Accounts](connection-management/server-groups/managing-servers-as-groups#3-registering-accounts), account selection options for password provisioning are added
* [Password Provisioning](server-account-management/password-provisioning) menu is activated and Password change Jobs can be registered
* [Account Management](server-account-management/account-management) menu is activated and provides account list lookup functionality for servers managed by QueryPie
* **Allow RDP Connection without Server Agent :** Setting for allowing access to Windows Servers without RDP Server Agent installed
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -77,11 +77,11 @@ When accessing Web App through QueryPie, Root CA certificate installation and Ch

Please refer to the following manual for installation methods.

[WAC Quickstart | 1.-Root-CA-인증서-설치하기](.#1.-root-ca-%ec%9d%b8%ec%a6%9d%ec%84%9c-%ec%84%a4%ec%b9%98%ed%95%98%ea%b8%b0)
[WAC Quickstart | 1. Install Root CA Certificate](.#1-install-root-ca-certificate)

[WAC Quickstart | 2.-Extension-다운로드-받기](.#2.-extension-%eb%8b%a4%ec%9a%b4%eb%a1%9c%eb%93%9c-%eb%b0%9b%ea%b8%b0)
[WAC Quickstart | 2. Download Extension](.#2-download-extension)

[WAC Quickstart | 3.-Extension-설치-및-Host-설정하기](.#3.-extension-%ec%84%a4%ec%b9%98-%eb%b0%8f-host-%ec%84%a4%ec%a0%95%ed%95%98%ea%b8%b0)
[WAC Quickstart | 3. Install Extension and Set Host](.#3-install-extension-and-set-host)
</Callout>

<figure data-layout="center" data-align="center">
Expand Down
4 changes: 2 additions & 2 deletions src/content/en/user-manual.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ Click on each item to see detailed usage instructions.
**Login**
</th>
<td>
* [My Dashboard | Logging into QueryPie Web](user-manual/my-dashboard#querypie-web%ec%97%90-%eb%a1%9c%ea%b7%b8%ec%9d%b8%ed%95%98%ea%b8%b0)
* [My Dashboard | Logging into QueryPie Web](user-manual/my-dashboard#logging-into-querypie-web)
</td>
</tr>
<tr>
Expand All @@ -51,7 +51,7 @@ Click on each item to see detailed usage instructions.
**Explore Dashboard**
</th>
<td>
* [My Dashboard | User Dashboard](user-manual/my-dashboard#%ec%82%ac%ec%9a%a9%ec%9e%90-%eb%8c%80%ec%8b%9c%eb%b3%b4%eb%93%9c)
* [My Dashboard | User Dashboard](user-manual/my-dashboard#user-dashboard)
</td>
</tr>
<tr>
Expand Down
2 changes: 1 addition & 1 deletion src/content/en/user-manual/my-dashboard.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ Cookie Settings Screen
</figcaption>
</figure>

**Reference**: [Preferences | Cookie-&-Privacy](preferences#cookie-%26-privacy)
**Reference**: [Preferences | Cookie-&-Privacy](preferences#cookie--privacy)

#### Entering Account Information

Expand Down
2 changes: 1 addition & 1 deletion src/content/ja/administrator-manual/databases.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ QueryPie DAC(Database Access Controller)を初めて使用する管理者な
</th>
<td>
* [AWSでDBリソース同期](databases/connection-management/cloud-providers/synchronizing-db-resources-from-aws)
* [DB Connections | DBコネクション手動で登録](databases/connection-management/db-connections#db-%ec%bb%a4%eb%84%a5%ec%85%98-%ec%88%98%eb%8f%99%ec%9c%bc%eb%a1%9c-%eb%93%b1%eb%a1%9d%ed%95%98%ea%b8%b0)
* [DB Connections | DBコネクション手動で登録](databases/connection-management/db-connections#dbコネクション手動で登録)
* [データソース別設定ガイド](databases/connection-management/db-connections/mongodb-specific-guide)
</td>
</tr>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ Administrator &gt; Databases &gt; Connection Management &gt; Cloud Providers
6. リソースを同期するために必要な **Credential** 情報を入力します。
* `Synchronize`ボタンクリック時にGCPのService Accountを入力する手動同期方式を基本提供します。<br/>QueryPie 10.2.2から「Save Credential for Synchronization」オプションを提供してCredential typeで`Service Account`を使用する時もスケジュールを通じた同期が可能になるように改善されました。
* 11.5.6からHashiCorp VaultのGoogle Cloud secret engineをサポートし、静的Credentialを保存せずに同期を実行できます。Credential type項目で`Vault(GCP)`を指定できます。
* この機能を使用するには、事前にGeneral &gt; System &gt; Integration &gt; HashiCorp Vaultで「Vault Secret Store」設定が必要であり、`Roleset Path`を指定するためにVaultで`Role set`設定を行う必要があります。<br/>&lt; 参考 &gt; [HashiCorp Vault連携情報の入力 | HashiCorp-Vault連携情報の入力](../../../general/system/integrations/integrating-with-secret-store#hashicorp-vault-%ec%97%b0%eb%8f%99-%ec%a0%95%eb%b3%b4-%ec%9e%85%eb%a0%a5%ed%95%98%ea%b8%b0) <br/>&lt; 参考 &gt; [Role set : Hashicorp Vault Google Cloud secret engine](https://developer.hashicorp.com/vault/docs/secrets/gcp#rolesets)
* この機能を使用するには、事前にGeneral &gt; System &gt; Integration &gt; HashiCorp Vaultで「Vault Secret Store」設定が必要であり、`Roleset Path`を指定するためにVaultで`Role set`設定を行う必要があります。<br/>&lt; 参考 &gt; [HashiCorp Vault連携情報の入力 | HashiCorp-Vault連携情報の入力](../../../general/system/integrations/integrating-with-secret-store#hashicorp-vault連携情報の入力) <br/>&lt; 参考 &gt; [Role set : Hashicorp Vault Google Cloud secret engine](https://developer.hashicorp.com/vault/docs/secrets/gcp#rolesets)
* Roleset PathはVault設定に応じてaccess tokenベースのパスとservice account keyベースのパスを使用できます。
7. **Database Type Filter** 項目で同期したいリソースを選択します。
8. **Search Filter** を使用して同期したい一部のタイプのリソースリストを取得できます。
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ ______
<Callout type="info">
DACの権限(Privilege)には、`長期未アクセス期限`と`権限満了期限`という2つの時間ベースの制限があります。
* **長期未アクセス期限** : 管理者が `Admin > Databases > General > Configurations` の **Privilege Deactivation Period** で設定した期間、ユーザーが権限を付与された対象にアクセスしない場合、“Deactivated” 状態になります。管理者は “Deactivated” 状態を “Active” 状態に切り替えることができます。
* [Deactivated状態をActiveに切り替える | Access-Control権限の回収](db-access-control/access-control#access-control-%ea%b6%8c%ed%95%9c-%ed%9a%8c%ec%88%98%ed%95%98%ea%b8%b0)
* [Deactivated状態をActiveに切り替える | Access-Control権限の回収](db-access-control/access-control#access-control権限回収)
* **権限満了期限** : 管理者が `Admin > Databases > DB Access Control > Access Control`****で特定ユーザーに特定コネクションへの権限を付与する際に **Expiration Date** を指定するか、ユーザーがWorkflowの `DB Access Request` を通じてアクセス権限を申請する際に **Access Expiration Date** を指定することで期限が設定されます。
* **参考** : `権限満了期限`より`長期未アクセス期限`が先に到来した場合は **Deactivated** 状態となり、管理者によりActive状態へ切り替えることができます。一方、`権限満了期限`が`長期未アクセス期限`より先に到来した場合は **Expired** となり、権限が回収されます。権限が回収された場合、Workflowを通じてアクセス権限を再申請するか、管理者により新しいアクセス権限を付与する必要があります。
</Callout>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ Email送信にはSMTPサーバーが必要で、QueryPieではSMTPサーバー

Emailを通じてユーザーが自分のパスワードを初期化するようする方法について以下内容を参照してください。

* 管理者が特定ユーザーのパスワードを初期化 : [Users | ユーザー-パスワード-再設定](../../user-management/users#%ec%82%ac%ec%9a%a9%ec%9e%90-%eb%b9%84%eb%b0%80%eb%b2%88%ed%98%b8-%ec%9e%ac%ec%84%a4%ec%a0%95%ed%95%98%ea%b8%b0)
* 管理者が特定ユーザーのパスワードを初期化 : [Users | ユーザー-パスワード-再設定](../../user-management/users#ユーザーパスワード再設定)
* ユーザーが自分のパスワードを直接初期化 : [Emailを通じたユーザーパスワード初期化](../../../../user-manual/my-dashboard/user-password-reset-via-email)

### 2次認証手段としてEmail使用
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ Okta Admin Console &gt; Applications &gt; Applications &gt; Create App Integrati
8. Feedbackステップで`I'm an Okta customer adding an internal app`を選択した後、下部の`Finish`ボタンをクリックします。
9. Applicationが生成されると、上部のGeneralタブに移動して**App Settings**メニューの右側`Edit`ボタンをクリックします。
10. Provisioningフィールドを**SCIM**で選択した後、`Save`ボタンをクリックします。
11. [Okta連動 | OktaでQueryPieアプリケーション連動情報設定](../authentication/integrating-with-okta#okta%ec%97%90%ec%84%9c-querypie-%ec%95%a0%ed%94%8c%eb%a6%ac%ec%bc%80%ec%9d%b4%ec%85%98-%ec%97%b0%eb%8f%99-%ec%a0%95%eb%b3%b4-%ec%84%a4%ec%a0%95)および[Okta連動 | QueryPieでOkta連動および同期設定](../authentication/integrating-with-okta#querypie%ec%97%90%ec%84%9c-okta-%ec%97%b0%eb%8f%99-%eb%b0%8f-%eb%8f%99%ea%b8%b0%ed%99%94-%ec%84%a4%ec%a0%95)に従ってSSO連動を完了した後、以降のステップを進行してください。
11. [Okta連動 | OktaでQueryPieアプリケーション連動情報設定](../authentication/integrating-with-okta#oktaでquerypieアプリケーション連携情報設定)および[Okta連動 | QueryPieでOkta連動および同期設定](../authentication/integrating-with-okta#querypieでokta連携および同期設定)に従ってSSO連動を完了した後、以降のステップを進行してください。


______
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -227,5 +227,5 @@ macOSのVNCプロトコル制限により、VNCを通じた自動ログインを

<Callout type="info">
Workflowで表示されるServer Groupを制限するにはAdmin &gt; Servers &gt; General &gt; Configurationsで「Show Server Groups in Workflow if Assigned as Member」項目を活性化する必要があります。
詳細位置は[Server Access Request Default Settings | 基本-サーバー-アクセス-ポリシー-設定](../../sac-general-configurations#%ea%b8%b0%eb%b3%b8-%ec%84%9c%eb%b2%84-%ec%a0%91%ea%b7%bc-%ec%a0%95%ec%b1%85-%ec%84%a4%ec%a0%95)ガイドを参考にお願いします。
詳細位置は[Server Access Request Default Settings | 基本-サーバー-アクセス-ポリシー-設定](../../sac-general-configurations#サーバー権限申請の基本ポリシー設定)ガイドを参考にお願いします。
</Callout>
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ Allowed Zonesは広い範囲の許可IP帯域を意味します。
* **Password Provisioning :** パスワードプロビジョニング使用可否設定
* 登録されたサーバーのサーバーアカウントパスワードを定期的に変更
* Onに設定時、以下のように変更
* [サーバーをグループで管理する | 3.-Accounts-登録する](connection-management/server-groups/managing-servers-as-groups#3.-accounts-%eb%93%b1%eb%a1%9d%ed%95%98%ea%b8%b0)でパスワードプロビジョニングに使用するアカウント選択オプション追加
* [サーバーをグループで管理する | 3.-Accounts-登録する](connection-management/server-groups/managing-servers-as-groups#3-accounts登録)でパスワードプロビジョニングに使用するアカウント選択オプション追加
* [Password Provisioning](server-account-management/password-provisioning)メニュー有効化とPassword変更Job登録
* [Account Management](server-account-management/account-management)メニュー有効化とQueryPieで管理するサーバーのアカウントリスト照会機能提供
* **Allow RDP Connection without Server Agent :** RDP Server AgentがインストールされていないWindows Server接続許可設定
Expand Down
Loading
Loading