Documentation > Tools > Configuration Builder

Enterprise Deployment Configuration Builder

Create a custom configuration for your ZeroTrustKerberosLink deployment

Select a Starting Template

Financial Services

Optimized for banking, investment, and financial institutions with PCI-DSS compliance.

  • Active-active high availability
  • Enhanced audit logging
  • Multi-factor authentication

Healthcare

Designed for hospitals, clinics, and healthcare providers with HIPAA compliance.

  • PHI access tracking
  • Extended log retention
  • Emergency access procedures

Government

Configured for federal, state, and local government agencies with FedRAMP compliance.

  • PIV/CAC integration
  • FIPS 140-2 cryptography
  • AWS GovCloud support

Basic Configuration

AWS Integration

Security Settings

Compliance Settings

Generated Configuration

Your custom ZeroTrustKerberosLink configuration based on selected options:

# ZeroTrustKerberosLink Configuration
# Generated for: Example Corp

# High Availability Settings
ha_mode: active-active
min_nodes: 2
failover_timeout: 30s

# Kerberos Settings
kerberos:
  realm: EXAMPLE.COM
  service_principal: ztk/service@EXAMPLE.COM
  keytab_path: /etc/ztk/service.keytab
  ticket_lifetime: 8h
  renewable_lifetime: 24h

# AWS Integration
aws:
  region: us-east-1
  session_duration: 3600
  credential_rotation: enabled

# Security Settings
security:
  encryption:
    transit: tls1.3
    at_rest: aes256
    key_rotation: 7d
  authentication:
    mfa_enabled: true
    failed_login_lockout: 5
    password_policy: strong
  session:
    idle_timeout: 15m
    max_duration: 8h

# Audit Logging
logging:
  level: verbose
  destinations:
    - local
    - syslog
    - cloudwatch
  retention: 2y

# Compliance
compliance:
  audit_logging: verbose
  log_retention: 2y