Cloud IAM
  • 1 minute to read
  • Dark
    Light
  • PDF

Cloud IAM

  • Dark
    Light
  • PDF

Article summary

Cloud IAM is a senhasegura Identity and Access Management module to control access to resources in Cloud Service Providers (CSPs).

Cloud IAM can be used to provision users and service accounts in a multi-cloud architecture. With it, administrators can monitor all cloud environments and users in a centralized and controlled way. In addition, senhasegura tracks activities to ensure compliance through audit reports and session recordings.

Workflow without and with Cloud IAM

How it works

In-depth overview of the Cloud IAM workflow

Cloud IAM allows access control to be managed across multiple CSPs through a single approval workflow. When a request is made to access a resource, the administrator receives a notification in the Cloud IAM console containing the necessary details. From the console, the administrator can create or modify users or access groups across multiple cloud providers simultaneously. This involves configuring the required permissions, roles, credentials, and access keys for the request. Once the user is provisioned, Cloud IAM receives information from the CSPs and creates auditing details for each access granted across all configured CSPs.

Features

Cloud IAM main features include:

  • Centralized cross-cloud identity provisioning.
  • Immediate provisioning of users, access keys, and service accounts.
  • Creation of templates. These templates create a standard mask for creating new users and service accounts.
  • Dynamic provisioning of policies, roles, resources, and permissions through the Devops Secret Manager.
  • Provisioning of Just-In-Time (JIT) credentials and JIT access control.
  • Recorded remote sessions of the AWS cloud console.
  • Management of access requests and access groups.
  • Audit tracking reports.

Applicability

With Cloud IAM, you can manage identities throughout multiple CSPs. The module currently supports the following providers:

  • Amazon Web Services (AWS).
  • Microsoft Azure.
  • Google Cloud Provider (GCP).
Info

Each CSP has its own integration method. Check the Add account documentation to learn how to connect senhasegura to your CSPs.


Was this article helpful?