Turbot Guardrails now supports the integration and assignment of permissions by using Active Directory groups. With Turbot Guardrails latest release, permissions for resources can be assigned automatically by Turbot Guardrails by moving users into an integrated group. This allows administrators to make use of existing processes for onboarding and off-boarding employees, support job role changes, and additions for access simply by making changes within the company's Active Directory. Further, access can be restricted to Turbot Guardrails to only those who are present in a selected Active Directory group.
After your Active Directory is connected to Turbot Guardrails, Turbot Guardrails can lookup users from Active Directory and manage user permissions. Within the configuration of the directory in Turbot Guardrails, you can now specify group search filters to instruct Turbot Guardrails how to search for groups within your Active Directory. These groups will become available to assign permission grants to resources within Turbot Guardrails in the same way you would assign grants to users.
By assigning permission grants to an Active Directory group, Turbot Guardrails will setup the assigned permissions to any user in the Active Directory group. This approach helps to facilitate easier user management by permitting grants to be assigned once, across a hierarchy of Turbot Guardrails, AWS, Azure, Google Cloud, Linux, Windows, and database resources. As new employees join the company, Turbot Guardrails can ensure that permissions are set up appropriately just by assigning the employee to an Active Directory group, without additional configuration in Turbot Guardrails or your cloud provider.
Within Turbot Guardrails, you can also specify the groups that can be leveraged to log into Turbot by modifying the "Turbot > Directory > Restrict Login to Groups Template" policy. This will restrict Turbot Guardrails login to only the groups that you have identified, providing a high level of security and protection to Turbot Guardrails resources, while simplifying management.
The ability to manage user permissions and grants by Active Directory group helps to expedite the configuration of permissions, and simplifies the management process for your user permissions at scale. Coupled with Turbot Guardrails strong history of simplifying the process of assigning and administering permissions across your resource hierarchy, the integration of Active Directory groups helps to supercharge your user management strategy.
For more information about integrating Active Directory groups into Turbot Guardrails, please contact us. Or, connect with us for a demo on all of Turbot Guardrails features and solutions including Active Directory group management, and enabling security, compliance, and operations across your cloud environments.