Organization policies
Solarius allows organization Owners and Admins to enforce customizable policies that improve security, compliance, and governance. These policies apply to all members and services within the organization and are managed through the Solarius Identity Dashboard.
Security
Multifactor authentication (MFA)
- Mandatory MFA for all or specific roles (e.g. Admins only)
- Enforced at the login level
- Non-compliant users will be blocked until MFA is enabled
Configure via: Organization Settings -> Security -> Authentication -> MFA
Password strength requirements
- Enforce minimum password length and complexity
- Require password changes after a set period (e.g. 90 days)
- Block common passwords and patterns
Configure via: Organization Settings -> Security -> Authentication -> Password Strength
Session and access controls
Control session behavior across your organization:
- Session timeout duration (default: 30 days)
- Auto-logoff for inactive sessions
- Geo-blocking or IP allowlisting (Enterprise only)
Configure via: Organization Settings -> Security -> Sessions
Data access and residency
Regional data preferences
- Choose preferred data residency (e.g. EU, US)
- Applied to compute, storage, and analytics workloads
Some products may require region-specific configuration at the project level due to how Solarius handles global data residency & redundancy.
Audit logs
All sensitive events are logged:
- Role changes
- Login activity
- Billing modifications
- Resource provisioning/deletion
Logs are stored per organization and viewable by Owners and Admins.
Team access
Use policies to control member roles and joining permissions:
Team invite restrictions
- Domain restrictions (e.g. only allow @company.com emails)
- Role assignment rules (e.g. default role = Viewer)
- Disable open invites (require Owner/Admin approval)
Role assignment restrictions
Optional rules to prevent abuse:
- Require 2FA before assigning high-privilege roles
- Prevent users from assigning roles higher than their own
- Notify Owner when Admins change permissions
Billing and spend controls
Spending limits
Set usage limits or alerts:
- Budget limits per month (e.g., $500 max)
- Email notifications at spending thresholds (e.g., 75%, 90%, 100%)
- Auto-suspend new deployments when limit is reached
Configure via: Organization Settings -> Billing -> Spending Policies
Developer and service policies
API access controls
- Limit key scopes (read, write, admin)
- IP binding per key
- Expiration policies (auto-revoke after X days)
Configure via: Organization Settings -> Developer -> API Keys
Environment controls
- Separate sandbox and production permissions
- Toggle deployment permissions per role or project
- Prevent accidental production overwrites
Configure via: Organization Settings -> Developer -> Environments
Compliance and legal
Solarius supports the following compliance features:
- SOC2 Type II
- GDPR data residency
- HIPAA compliance (Enterprise only)
- Legal hold and export freeze
- Regulatory reporting
- E.U. Standard Contractual Clauses (SCCs)
- Data Processing Agreements (DPAs)
These features are available to all organizations but may require additional configuration or legal agreements. Contact help@solarius.me for more details.
Custom policies
For advanced needs, custom policies can be created using Solarius' policy engine. This allows you to define specific rules based on:
- User attributes (e.g. department, location)
- Resource types (e.g. compute, storage)
- Time-based conditions (e.g. enforce MFA only during business hours)
- Integration with external systems (e.g. SIEM, IAM)
Custom policies can be created through visual policy builders or JSON/YAML definitions. Contact support for assistance in setting up custom policies.
Questions or support
For any questions or support requests, please contact help@solarius.me or use our support portal. Our team is ready to assist you with policy configuration, troubleshooting, or any other inquiries related to your organization's policies.