Identity and Access Management (IAM) is a core concept of Turbot and is responsible for key features such as:
- Management of user/group directory sources for Turbot
- Attributing actions to a directory user/group
- Management of permissions in Turbot
- Management of permissions in Cloud Providers
The Authentication concepts page details different ways to grant users access to the Turbot console - Turbot directory (local or via an organization directory), SAML (Azure AD, Okta, Ping, etc), and Google. Turbot does support LDAP/LDAPS directories. These directories can be created to sync active directory groups with Turbot profiles.
Identities is the mapping of events in the cloud to Turbot entities. Every Turbot event contains an Actor object with this identifying information.
Finally, Permissions tie together authentication to resource access. Using Turbot's robust permission structure, administrators can grant users access to a broad and/ or specific set of resources.
|Setting up a directory||This page includes instructions on creating a Local directory (both a local and organizational directory), Google, Okta, Azure AD, as well as configuring LDAP/LDAPS to sync groups.|
|Best practice for Turbot provisioned admin||Upon workspace creation, a local administrator is provisioned in the local directory. This guide details the steps to take after initial login.|
|Adding users to a local Turbot directory||SAML and Google directories in Turbot automatically provision profiles when users login, but administrators must create profiles for a local Turbot directory.|
|API Access keys||Create API access keys in Turbot.|
|Assigning permissions||Assigning permissions in Turbot.|