Turbot now supports the integration and assignment of permissions by using Active Directory groups. With Turbot’s latest release, permissions for resources can be assigned automatically by Turbot by moving users into an integrated group. This allows administrators to make use of existing processes for onboarding and offboarding employees, support job role changes, and additions for access simply by making changes within the company’s Active Directory. Further, access can be restricted to Turbot to only those who are present in a selected Active Directory group.

Group appearing in the Add Grant dialog

After your Active Directory is connected to Turbot, Turbot can lookup users from Active Directory and manage user permissions. Within the configuration of the directory in Turbot, you can now specify group search filters to instruct Turbot how to search for groups within your Active Directory. These groups will become available to assign permission grants to resources within Turbot in the same way you would assign grants to users.

By assigning permission grants to an Active Directory group, Turbot will setup the assigned permissions to any user in the Active Directory group. This approach helps to facilitate easier user management by permitting grants to be assigned once, across a hierarchy of Turbot, AWS, Azure, Google Cloud, Linux, Windows, and database resources. As new employees join the company, Turbot can ensure that permissions are set up appropriately just by assigning the employee to an Active Directory group, without additional configuration in Turbot or your cloud provider.

Picture of “Grants by Group” on the permissions tab

Within Turbot, you can also specify the groups that can be leveraged to log into Turbot by modifying the “Turbot>Directory>Restrict Login to Groups Template” policy. This will restrict Turbot login to only the groups that you have identified, providing a high level of security and protection to Turbot resources, while simplifying management.

Picture of  “Turbot>Directory>Restrict Login to Groups Template” policy

The ability to manage user permissions and grants by Active Directory group helps to expedite the configuration of permissions, and simplifies the management process for your user permissions at scale. Coupled with Turbot’s strong history of simplifying the process of assigning and administering permissions across your resource hierarchy, the integration of Active Directory groups helps to supercharge your user management strategy.

For more information about integrating Active Directory groups into Turbot, please contact us. Or, connect with us for a demo on all of Turbot’s features and solutions including Active Directory group management, and enabling security, compliance, and operations across your cloud environments.