Create Dynamic Attributes Filters
Dynamic attributes filters that you define using the Cisco Secure Dynamic Attributes Connector are exposed in the Security Cloud Control as dynamic objects that can be used in access control policies. For example, you could restrict access to an AWS server for the Finance Department to only members of the Finance group defined in Microsoft Active Directory.
Note | You cannot create dynamic attributes filters for AWS, Azure, Azure Service Tags, Cisco Multicloud Defense, Generic Text, GitHub, Google Cloud, and Outlook 365, vCenter, Webex, and Zoom). These types of cloud objects provide their own IP addresses. |
For more information about access control rules, see Create Access Control Rules Using Dynamic Attributes Filters.
Procedure
Step 1 | Click . | ||||||||
Step 2 | Click Dynamic Attributes Filters. | ||||||||
Step 3 | Do any of the following:
| ||||||||
Step 4 | Enter the following information.
| ||||||||
Step 5 | To add or edit a query, enter the following information.
| ||||||||
Step 6 | Click Show Preview to display a list of networks or IP addresses returned by your query. | ||||||||
Step 7 | When you're finished, click Save. | ||||||||
Step 8 | (Optional.) Verify the dynamic object in the Security Cloud Control. |