Skip to main content
Version: 3.22

Add access group

Creating an access group will help with permission settings and user approval flow.

Create Access Group

To create an access group go to the menu: Cloud ➔ Access control ➔ Access Groups

  1. In the page actions, click on the New group option

  2. In the form include the name of the group and whether it will be active or not

  3. On the Settings tab, select permissions:

    • Whether members of this group can create and edit other users in the Providers Cloud IAM. Select which user types can be created and edited by group members.

    • Whether they can exclude other users. Select which user types can be excluded by group members.

    • You can create and edit accounts

    • You can delete accounts

    • You can create credentials

    • You can delete credentials

  4. Select an Template for user creation, i.e. if this group has permission to create users it must create them following the pattern established in the chosen template. To learn more about templates, see the section Configuration Templates in this manual.

  5. Define whether this group will require approval to perform its activities. To do this, check or uncheck the boxes:

    • Requires justification: To carry out their activities, members must describe why they want to do it.

    • Requires approval: Needs the previous box to be checked, and will cause members to carry out their activities after a request has been sent and approved by another user.

      • Select how many approvals required for the user to perform their requested activity.

      • Select the number of reprovals required to cancel the request, i.e. so that the user is not allowed to perform the activity.

      • Select whether there will be approval in levels, i.e. after a lower member's approval, a higher member can approve or disapprove the request.

      • Define whether it will be mandatory to specify governance code when justifying.

      • And if always managers will be included in the group's list of approvers.

  6. On the Criteria tab, define what entities the group members will be able to interact with. The criterio could be:

  • Name of the entity you want the members of the group to see

  • A mask containing the name of the entity i.e senhasegura*

    :::info You can enter an * (asterisk) if you want the group members to have unrestricted access. :::

  1. On the Users tab, enter the members of the access group.

  2. On the Approvers tab, enter the users who will approve requests from access group members.

  3. To finish click on Save.