The deployment includes a CLI container that provides command-line access to the Protegrity Management CLI via SSH, on both Linux and Windows.
Prerequisites
- SSH key: The private key generated during bootstrap at
~/.ssh/<cluster_name>_user_svc, matches the public key configured in thepty-clipod. - Network access: Ensure you have connectivity to the AKS cluster’s ingress Load Balancer.
- Hosts file: Same as Web UI access. Map the ingress FQDN to the Load Balancer IP.
The private key is placed under ~/.ssh/<cluster_name>_user_svc after bootstrap completes, where <cluster_name> is the AKS cluster name provided during installation.
Linux
From the project root directory, run the following command:
ssh -i ~/.ssh/<cluster_name>_user_svc -p 22 ptyitusr@<your-fqdn>
To skip host-key checking on first connect, run the following command:
ssh -i ~/.ssh/<cluster_name>_user_svc \
-o StrictHostKeyChecking=no \
-o UserKnownHostsFile=/dev/null \
-p 22 ptyitusr@<your-fqdn>
Windows
OpenSSH (Windows 10/11): Copy the private key from the jump box (
~/.ssh/<cluster_name>_user_svc) to Windows machine, then run the following command:ssh -i C:\path\to\<cluster_name>_user_svc -p 22 ptyitusr@<your-fqdn>PuTTY:
- Host Name:
<user-provided-fqdn> - Port:
22 - Connection Type:
SSH - Connection > SSH > Auth: Browse to your private key (
.ppkformat) - Username:
ptyitusr
- Host Name:
CLI usage
Once connected, the Protegrity CLI welcome banner is displayed, and a prompt appears for the password (default: Admin123!).
The CLI supports three command categories:
pim: Policy Information Management commands for data protection policies.admin: User, role, permission, group, and email management commands.insight: Log forwarding to external SIEM and syslog servers.