This document provides information about the Add access policy and Edit access policy form screens, which allow you to create, configure, and edit access policies in the system.
Access Path
- In Segura®, on the navigation bar, hover over Product Menu and select Cloud IAM.
- In the sidebar, select Access Control > Access Policies.
General Tab
This section provides information about the general settings of the access policy.
| Item | Type | Required | Description |
|---|---|---|---|
| Access policy name* | Text Field | Yes | Identifier name for the access policy. |
| Status | Toggle Button | No | Activates or deactivates the policy. |
| Description | Text Field | No | General information about the access policy. |
Users Tab
This section allows you to add users to the access policy.
| Item | Type | Required | Description |
|---|---|---|---|
| Add | Button | No | Opens the Users modal to add users to the access policy. |
| Users | Table | No | Data of each user containing the fields: Code, Name, Username, Email and Department. |
Permissions Tab
This section allows you to configure the access policy permissions.
| Item | Type | Required | Description |
|---|---|---|---|
| Users can create and edit users | Toggle Button | No | Allows users to create and edit other users. |
| Service | Checkbox | No | Applies permission to service accounts. |
| Personal | Checkbox | No | Applies permission to personal accounts. |
| Users can delete users | Toggle Button | No | Allows users to delete other users. |
| Users can create and edit accounts | Checkbox | No | Allows users to create and edit accounts. |
| Users can delete accounts | Checkbox | No | Allows users to delete accounts. |
| Users can create credentials | Checkbox | No | Allows users to create credentials. |
| Users can delete credentials | Checkbox | No | Allows users to delete credentials. |
| Users can start sessions | Checkbox | No | Allows users to start sessions. |
| Users can start JIT sessions | Checkbox | No | Allows users to start JIT sessions. |
Criteria Tab
This section allows you to define criteria for applying the policy.
| Item | Type | Required | Description |
|---|---|---|---|
| Providers | Checkbox | No | Selects cloud providers to which the policy applies. |
| Account names (comma-separated) | Text Field | No | Specifies account names, separated by commas. |
| Tags (comma-separated) | Text Field | No | Specifies account tags, separated by commas. |
| Usernames (comma-separated) | Text Field | No | Specifies usernames, separated by commas. |
| Tags (comma-separated) | Text Field | No | Specifies user tags, separated by commas. |
| Usernames (comma-separated) | Text Field | No | Specifies service account usernames, separated by commas. |
| Tags (comma-separated) | Text Field | No | Specifies service account tags, separated by commas. |
| Environment (comma-separated) | Text Field | No | Specifies environments, separated by commas. |
| Systems (comma-separated) | Text Field | No | Specifies systems, separated by commas. |
| Tags (comma-separated) | Text Field | No | Specifies credential tags, separated by commas. |
Settings Tab
This section allows you to configure the approval workflow.
| Item | Type | Required | Description |
|---|---|---|---|
| Template | Dropdown Menu | No | Allows selecting predefined configuration templates. |
| Require reason | Toggle Button | No | Requires justification for using the policy. |
| Require approval | Toggle Button | No | Requires approval for using the policy. |
| Approvals required | Quantity Selector | No | Sets the number of approvals needed. |
| Disapprovals required to cancel | Quantity Selector | No | Sets the number of rejections needed to cancel the request. |
| Approval in levels | Toggle Button | No | Activates approval in multiple levels. |
| Governance ID required when justifying?* | Radio Button | Yes | Defines whether providing a governance code in the justification is mandatory. |
| Always add user manager to approvers?* | Radio Button | Yes | Defines whether the user's manager should be automatically added to the approvers. |
Approvers Tab
This section allows you to define the approvers for the policy.
| Item | Type | Required | Description |
|---|---|---|---|
| Add | Button | No | Opens the Users modal to add approvers to the access policy. |
| Approvers | Table | No | Data of each approver containing the fields: Code, Name, Username, Email, Department, and Level. |
Access Restriction Tab
This section allows you to configure time and period restrictions for the policy.
| Item | Type | Required | Description |
|---|---|---|---|
| All days | Toggle Button | No | Allows access on all days of the week. |
| Week days | Checkboxes | No | Allows selecting specific days of the week for access. |
| All times | Toggle Button | No | Allows access at any time. |
| Time ranges | Checkboxes | No | Allows selecting specific time ranges. |
| Custom | Toggle Button | No | Allows configuring custom times. |
| Select time | Time Selector | No | Selects custom times. |
| Start (Day/Time) | Date/Time picker | No | Defines the start date and time of the policy validity. |
| End (Day/Time) | Date/Time picker | No | Defines the end date and time of the policy validity. |
Review Tab
Use the Review tab to check all the information entered in the previous tabs.