Controlling access to Cloud Platform¶

Cloud Platform provides you a comprehensive set of security features to control who can access your Acquia applications and how, including:

• Teams, roles, and permissions: You can assign roles to your team members, with fine-grained permissions governing user actions. You can assign members to teams, where each team can have one or more applications in your organization to work on.

• Two-step verification: Although the Cloud Platform interface requires a username (email address) and password to sign in or access an Acquia application, you can also enable two-factor verification, which requires users to also enter a verification code provided by text message or trusted application.

• Session timeouts: To help secure your Cloud Platform applications, Cloud Platform interface sessions expire after 90 minutes of inactivity, requiring users to sign in again before taking any actions requiring user authentication. SSH client sessions expire after 15 minutes.

• Password strength requirements: Users signing in to the Cloud Platform user interface must have a password meeting a minimum password strength requirement, ensuring their passwords are difficult to guess.

• IP address allowlisting: You can configure Cloud Platform to allow Cloud Platform interface-based access to your applications for only specified IP addresses from an allowlist.

Each of these features controls access to the Cloud Platform interface and not access to your Cloud Platform websites or other applications.