> ## Documentation Index
> Fetch the complete documentation index at: https://docs.maia.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Networks

export const m_runner = "Maia runner";

export const maia = "Maia";

Networks are configured at the project level. In {maia}, Full SaaS {m_runner}s can connect to network-secured databases using an intermediate SSH server that is part of the same network as the target database.

Currently only network items of type [SSH Tunnel](/docs/security/ssh-tunnelling) can be created.

***

## Add network item

1. From the **Your projects** menu, select your project.

2. In your project, click **More** and then click **Networks**.

3. Click **Add network item**.

4. Select a type from the **Type** drop-down. Available types are:
   * **SSH Tunnel:** Can be used to access protected databases.

5. Provide a unique name for the network item.

6. Provide a description for the network item. This is optional.

7. Provide the server destination.
   * This is the URL of the network item you want to use. This could be either `host.com:port` or `10.10.10.1:port`.
   * The port should be specified even if it's the default.

8. Provide your network username.

9. Provide your RSA private key in PEM format.

10. If the private key is encrypted, provide the passphrase. This is optional and depends on your settings.

11. Provide the Server Public Key. This is optional and depends on your settings.

    * When this is provided, the SSH tunnel will perform mutual authentication on initiating a connection.

    <Warning>
      Matillion recommends you set this value for all network items. If this option is **not** set, the SSH server cannot be verified and therefore the connection is susceptible to man-in-the-middle (MITM) attacks.
    </Warning>

12. Click **Create** to create the network item.

You can then verify the connection is valid by clicking **Test** and store it by clicking **Create**.

Your new network item is listed in the **Networks** tab.

***

## Manage network items

### Edit a network

To edit a network item, click the three dots **...** for that network item and click **Edit network item**.

### Delete a network

To delete a network item, click the three dots **...** for that item and click **Delete network item**.

You can only delete network items if you have **Owner** level access.

***

## Role permissions

The three user roles, **Owner**, **Contributor**, and **Viewer**, have the following specific permissions.

### Project actions

| Function             | Owner | Contributor | Viewer |
| -------------------- | ----- | ----------- | ------ |
| Create network items | ✅     | ✅           | ❌      |
| View network items   | ✅     | ✅           | ✅      |
| Update network items | ✅     | ✅           | ❌      |
| Delete network items | ✅     | ❌           | ❌      |
