Intro: General Security Information
Strawberry Cloud Access (SCA) provides several infrastructure and content security layers.
- Related Article: Strawberry Cloud Access Security Information
Step 1: Domain Setup
For remote users to reach your on-premise Strawberry system trough SCA, you will need to decide on a URL under which this system can be reached.
- Related Article: Cloud Access Domain Setup
Step 2: Firewall Configuration
For the Strawberry server to connect to SCA, you don’t need to open up firewall ports for incoming traffic. Still, you need to make sure that your Strawberry server can connect to the relevant AWS IP ranges from behind the firewall (outgoing traffic). Since Amazon can change AWS IP ranges, it is recommended to update the configuration using the methods described by Amazon automatically.
- Related Article: AWS IP Address Ranges
Step 3: Connecting Strawberry to SCA
Once the above steps are performed, Projective will provide you with a Skies API key that needs to be placed into a configuration file. Within this configuration file, you will also need to provide the domain name(s) under which your Strawberry system should be reachable via SCA. The example configuration file “skies.yml.example” can be found within the “/app/fsbase/config” directory on your Strawberry server. Once the file is in place, Strawberry services must be restarted.
Step 4: Providing Strawberry Users & Teams with SCA-Access
Users can only connect to the on-premise system through SCA if an Administrator has given permission to their user accounts. Admins can set that permission for individual users.
- Related Article: Giving Cloud Access to a User
Please note that users connecting trough SCA require a strong password. Users attempting to login trough SCA with weak passwords are rejected & prompted to reset their passwords via an Email reset link. Therefore, it is recommended to add an email address to each SCA-enabled user account.
- Related Artice: Editing a User
- Related Artice: Strong Password Criteria
Need more help with this?
Visit the Projective Support Websites