post-feedback

gravitational · Sep 19, 2024 · 437109a · 437109a
1 parent 2e1b61e
commit 437109a
Showing 1 changed file with 14 additions and 13 deletions.
diff --git a/docs/pages/admin-guides/management/security/client-timeout.mdx b/docs/pages/admin-guides/management/security/client-timeout.mdx
@@ -29,19 +29,6 @@ auth_service:
 ```
 This example configures a global client idle timeout of **15 minutes**. After 15 minutes of client inactivity, the session will be terminated.
 
-### Per-role configuration (applies to specific users or groups)
-
-You can also specify the timeout on a per-role basis, allowing different users or groups to have different timeout settings. For example, you might want a shorter timeout for higher-privileged roles.
-
-```yaml
-kind: role
-version: v3
-metadata:
-  name: admin-role
-spec:
-  options:
-    client_idle_timeout: 10m
-```
 
 If you are a cloud customer, you will need to modify these settings using dynamic configuration.
 
@@ -81,5 +68,19 @@ You should then see the following output:
 $ cluster auth preference has been created
 ```
 
+### Per-role configuration (applies to specific users or groups)
+
+You can also specify the timeout on a per-role basis, allowing different users or groups to have different timeout settings. For example, you might want a shorter timeout for higher-privileged roles.
+
+```yaml
+kind: role
+version: v3
+metadata:
+  name: admin-role
+spec:
+  options:
+    client_idle_timeout: 10m
+```
+
 ## Default behavior
 If the `client_idle_timeout` is not set, sessions will not automatically close due to inactivity unless other timeout policies (like `disconnect_expired_cert`) are applied.