From 437109a4837f4539a6b75998d45fd79b174b3070 Mon Sep 17 00:00:00 2001 From: "marie.mcallister" Date: Thu, 19 Sep 2024 16:41:10 -0700 Subject: [PATCH] post-feedback --- .../management/security/client-timeout.mdx | 27 ++++++++++--------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/docs/pages/admin-guides/management/security/client-timeout.mdx b/docs/pages/admin-guides/management/security/client-timeout.mdx index 9fc4c1b4056d4..bb06ae6ff34bd 100644 --- a/docs/pages/admin-guides/management/security/client-timeout.mdx +++ b/docs/pages/admin-guides/management/security/client-timeout.mdx @@ -29,19 +29,6 @@ auth_service: ``` This example configures a global client idle timeout of **15 minutes**. After 15 minutes of client inactivity, the session will be terminated. -### Per-role configuration (applies to specific users or groups) - -You can also specify the timeout on a per-role basis, allowing different users or groups to have different timeout settings. For example, you might want a shorter timeout for higher-privileged roles. - -```yaml -kind: role -version: v3 -metadata: - name: admin-role -spec: - options: - client_idle_timeout: 10m -``` If you are a cloud customer, you will need to modify these settings using dynamic configuration. @@ -81,5 +68,19 @@ You should then see the following output: $ cluster auth preference has been created ``` +### Per-role configuration (applies to specific users or groups) + +You can also specify the timeout on a per-role basis, allowing different users or groups to have different timeout settings. For example, you might want a shorter timeout for higher-privileged roles. + +```yaml +kind: role +version: v3 +metadata: + name: admin-role +spec: + options: + client_idle_timeout: 10m +``` + ## Default behavior If the `client_idle_timeout` is not set, sessions will not automatically close due to inactivity unless other timeout policies (like `disconnect_expired_cert`) are applied.