Considerations for configuring multiperson authorization
Prerequisites:
At least three security administrators are required to enable multiperson authorization.
Note that:
Security administrators can enable, disable, and edit access control policies.
Service accounts cannot approve pending requests.
Policy creator cannot exempt themselves during creation.
Notifications are sent to specified email recipients for approval requests.
The number of approvals required can range from 2 to 10.
Pending requests can be cancelled by the requester.
Security administrators can deny any pending requests.
Security observers can view all policies and pending requests.
Other users can view requests they created or can approve.
Quorum is evaluated independently for each approver role. If a single user holds multiple approver roles defined in the policy, that user's approval counts toward the quorum for each role they hold.
The following considerations apply only to SED appliances:
A custom policy can be created only after the access control policy is enabled.
If a custom policy exists, the access control policy cannot be disabled.
When a custom policy is created, it must have at least one operation. It is possible to edit an existing custom policy and remove all the operations.
To enable multiperson authorization for an operation, it must be added to a new or existing custom policy.
Security administrators can create, edit, or delete custom policies. Users with custom roles can also perform these operations if they have the permission.
Creating a new custom policy does not require multiperson authorization approval; editing or deleting a custom policy requires quorum from other security administrators.
When an operation is removed from a custom policy, any pending requests for that operation are automatically rejected.