Skip to main content
Version: 3.22

Add service account

Service accounts are considered those of programmatic access, i.e. access of applications and machines to cloud providers' accounts.

Create Service Account

To create a service account, go to the menu: Cloud ➔ Cloud IAM ➔ Service accounts.

  • Click on the actions button and select the option Add service account.

  • In the form enter the name of the service account that will have access to the providers' accounts.

    caution

    If you are a member of an access group that has a template defined, when inserting the user he must follow the rule established in the template.

  • In the Settings tab, select which provider you want to create the user at and fill in the rest of the fields:

    • User responsible: indicates which senhasegura user is responsible for the service account at the cloud provider.

    • TTL (seconds): defines the lifetime of the service account and its credentials. This time is decreasing and starts to be valid from its creation and upon expiration the service account will be automatically deleted at the provider.

    • Description: detailed description of the service account

    • Tags: tags used to facilitate filter searches and segregate the service account into access groups

  • Select the tab corresponding to the Cloud Provider to be configured and fill out the following fields:

    • AWS:

      • Accounts: Select which accounts this service account should be created under

      • Policies: Select the policies (permission group) that this service account should have on the account. AWS limits up to 10 policies per service account

      • Opsworks - Manage SSH Keys: Check this box if you would like the service account to be added to the AWS OpsWorks service and the SSH key for it to be managed by the

    • Google Cloud:

      • Organization roles: Select which roles (permission groups), accounts and organizations the service account should be added to

      • Project roles: Select which roles (permission groups), accounts and projects the service account should be added to

    • Azure:

      • Supported Account Types: Specify who can use the service account

      • URI redirect: An URI redirect is the location where the Microsoft identity platform redirects a user and sends security tokens after the authentication

      • API Permissions:Select which permissions the service account must have

  • To finish, click on Confirm.