/
Cloud Users & IAM Management

Cloud Users & IAM Management

Owned by Kumar Desai (Unlicensed)
Last updated: Oct 13, 2020 by Anuj Raghuram (Unlicensed)
4 min read

Overview

The Identity Management feature under the Governance and Security module, lets Administrators discover and manage:

  • Cloud provider Users

  • User groups

  • Identity providers

  • Roles

  • IAM management policies

Tenant Administrators can visualize and control access to cloud resources by performing:

  • User and User Groups mapping visualization

  • Access policy remediation

IAM Discovery & Access Management Mapping

Identity management and Visualization are the top Governance and Security goals for all enterprises. The HyperCloudTM Platform (HCP) portal lets enterprises to visualize and remediate deficiencies in their identity policy enforcement.

Note: This feature is available only for Amazon Web Services (AWS) and Microsoft Azure Cloud Service Providers.

To access a Cloud Service Provider Identity:

  1. Login to your HCP account.

  2. Navigate to Governance & Security > Identity > Users.

    You’ll be able to view detailed information of your HCP in these tabs:

    • Users

    • User Groups

    • Roles

    • Policies

All tabs have a create a new user, user group, role, and policy respectively. A new enhancement to the Governance and Security Module’s Identity Management has been to add Azure IAM auto Discovery and Azure Access Management Policies, Users and User Groups mapping visualization, as well as access policy remediation features.

Users and User Groups

The Users and User Groups tabs lists all the users and groups under a Cloud Service Provider. If you’ve enabled continuous monitoring on your Amazon Web Services (AWS) or Microsoft Azure account, the list gets automatically updated with the changes to your cloud account. Clicking on any of the Accounts listed under the Users tab opens up a User dialog. The User dialog allows you to view User Details, Connected User Groups and Policies for the User.

You can reposition and click the elements of the Map above for a detailed view of the Policies or User groups associated with a User. You can remove a User from a User Group or Policies via the User Groups and Policies tabs respectively.

Identity Provider

The Identity Provider tab is specific to Amazon Web Services (AWS) accounts only. You can manage your user identities outside of your Amazon Web Service (AWS) account and provide permission to use your AWS resources.

Roles

The Roles tab lists the roles that are set up on your cloud account.

Clicking on any of the Accounts listed under the Roles tab opens up a Role dialog. The Role dialog allows you to view Role Details and Inline Policies.

You can edit the Trust Policy Document in JSON format directly from the Role dialog. The policy changes will reflect in your cloud account as well. You can view your Trust Policies in a tabular JSON format via the Inline Policies tab.

Policies

The Policies tab lists the policies within your cloud account. Clicking on any of the Accounts listed under the Policies tab opens up a Policies dialog.

You can view the following Policy information under these tabs:

  • Policy Versions: This tab lists all the versions of the policy that exist on your cloud account. You can also view the default Policy Version that’s currently in use.

  • Attached Users: This tab lists all active users that are associated with the policy.

  • Attached Groups and Attached Roles: These tabs list the active Groups and Roles associated with the policy.

You can reposition and click the elements of the Map above for a detailed view of the Attached Users, Attached Groups, Attached Roles, and Policy versions associated with a Policy.

Related content

© 2020 CloudSphere