Fortanix Armor Identity and Access Management (IAM)

1.0 Introduction

1.1 Purpose

Welcome to the Fortanix Identity and Access Management (IAM) User Guide. This guide provides an overview of the Fortanix Armor IAM solution and the associated functionalities – Users and Groups management.

1.2 Intended Audience

This guide is intended to be used by the Fortanix Armor administrators to manage users and groups inside the Fortanix Armor platform.

2.0 Overview

The Identity and Access Management (IAM) service integrates seamlessly with the Fortanix Armor platform to provide secure and centralized user and access management for Fortanix products or services.

User and Access Management (UAM) helps manage user identities and their access to resources within Fortanix Armor. This also encompasses processes, policies, and technologies aimed at effectively provisioning, managing, and revoking user accounts and their access privileges.

Implementing IAM offers numerous advantages for organizations in terms of security, compliance, efficiency, and user experience.
Here are some key benefits:

  • Enhanced Security: Fortanix Armor IAM helps improve security by ensuring that only authorized individuals and systems have access to resources. It reduces the risk of unauthorized access, data breaches, and insider threats by enforcing strong authentication, access controls, and least privilege principles.
  • Reduced Risk: By centralizing user and group access controls, IAM helps organizations mitigate security risks associated with weak passwords, identity theft, and unauthorized access. It provides visibility into user activities and enables organizations to detect and respond to suspicious behavior more effectively.
  • Compliance: IAM solutions help organizations comply with regulatory requirements and industry standards by enforcing access controls, auditing user activities, and maintaining detailed audit trails.
  • Improved Operational Efficiency: IAM streamlines user provisioning, management, and de-provisioning processes, reducing administrative overhead and ensuring consistency across the organization. Automated workflows, self-service capabilities and role-based access controls help improve efficiency and productivity.
  • Scalability and Flexibility: IAM solutions are designed to scale with the growing needs of organizations, supporting many users, devices, and applications across diverse environments. They are adaptable to changing business requirements and can integrate with existing IT systems and cloud services.
  • Centralized Management: IAM provides a centralized platform for managing user identities and access controls across the organization. This simplifies administration, improves visibility, and enables consistent enforcement of security policies and access controls.

This article provides an overview of the Fortanix Armor IAM solution, including functionalities such as Users and Groups management.

3.0 Users

User management is the process of creating, modifying, and maintaining user accounts within Fortanix Armor. It involves tasks such as account provisioning and user lifecycle management.

The following are some of the key aspects of user management:

  • User Provisioning: This involves creating new user accounts and granting them access to the necessary resources based on their roles and responsibilities within the platform. User provisioning may include assigning usernames, email addresses, passwords, and access privileges.
  • User Lifecycle Management: User lifecycle management involves managing user accounts throughout their lifecycle, from creation to deletion. This includes tasks such as account activation, suspension, password resets, role changes, and account de-provisioning when users leave the platform or change roles.
  • Access Control: Access control mechanisms ensure that users only have access to the resources and data necessary to perform their job functions. This includes enforcing the principle of least privilege, where users are granted the minimum level of access required to fulfill their duties.

3.1 List Users Associated with Your Account

To list the users on your account:

  1. Navigate to Fortanix IAM → Users.
  2. On the Users page, the list of users that are part of your selected account will be displayed. For each user, you can view the following information:
    • NAME: Name of the user. By default, your profile will be listed as <Your User Profile Name (You)>. For example, Demo User (You).
    • EMAIL: Email ID of the user.
    • ROLE: The role assigned to the user. The available roles are Administrator, Viewer, or Editor. A Viewer can view data but cannot edit it. An Editor can view and edit data. An Administrator can view and edit data, as well as manage the account and its members.

      Refer to the following table to understand more about the available roles and permissions for Fortanix Key Insight:

      ACTION

      VIEWER

      EDITOR

      ADMINISTRATOR

      List Users

      Yes

      Yes

      Yes

      List Groups

      Yes Yes Yes
      Invite Users No No Yes

      Create or Modify Group

      No Yes Yes
      Key Insight Cloud Account Management No No Yes
    • CREATED: User created date and time.
    • LAST LOGIN: Last login date and time.

    Access Users.png Figure 1: Access List Of Users

  3. On the Users page, you can perform the following actions:

3.2 Invite a User

As an administrator of the account, you can invite a user to join your Fortanix Armor account.
Prerequisites:

  • The email ID of the user is required.
  • You need to be an account administrator to invite a user to an account.

To invite a new user,

    1. On the Users page, click INVITE USER.
    2. Fill in all the required details:
      • Email: The email of the user, the email is case-insensitive.
      • First name: User’s first name.
      • Last name: User’s last name.
      • Role: Select the role as Administrator, Viewer or Editor.
      NOTE
      When you invite a user to an account,

      Invite a User.png Figure 2: Invite a User to IAM

    3. Click INVITE USER to invite the user. The invited user will get an email to join this account.

      4.png Figure 3: Confirm to Join the Account

    4. After the user accepts the invitation, during the next login, the user can see the Pending Invitations on the Accounts page on Fortanix Armor. The user must click ACCEPT to join the account.

      Accept the Invite.png Figure 4: Accept the Invitation

    5. After the user accepts the invitation to join the Fortanix Armor account, the user will be added to the Users list on your account.

3.3 Copy User ID

As an administrator of an account, you can copy the user ID of the user.
From the list of users, select a user to copy the ID and click the ellipses icon for the selected user. From this menu, click COPY USER ID to copy the ID to the Clipboard.

Copy User ID.png Figure 5: Copy the User ID

3.4 Edit User

As an administrator of an account, you can edit access within this account.
To do this:

  1. Click the Users menu item in the Fortanix IAM left navigation bar.
  2. From the list of users, select a user to edit and click the ellipses icon for the selected user. From this menu, click EDIT USER to edit the user access details.

    Edit User.png Figure 6: Edit a User

  3. On the Edit User Permissions page, update the user’s role, and click UPDATE USER. The role will be updated accordingly.

    Update a User.png Figure 7: Update User's Role

NOTE

3.5 Remove User

As an administrator of an account, you can remove a user from your account.

From the list of users, select a user to remove and click the ellipses icon for the selected user. From this menu, click REMOVE USER to remove that user from your account.

Remove User.png Figure 8: Remove the User from Your Account

If selected, on the confirmation pop-up, click REMOVE to remove the selected user. After the user is removed, his role and the related permissions will also be revoked.

Remove Confirmation.png Figure 9: User Removal Confirmation

4.0 Groups

In Fortanix IAM, users can be organized into groups.

  • A group helps users manage identities and helps in organizing and securing the users and objects that belong to a group.
  • A group is used to control access for users.
  • An Editor or Administrator of a Fortanix Armor account can create a group.

Comments

Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful