Skip to content

Access Management

[TBD]

Outcome

  • A flow for requesting permissions is defined and available to everyone in the organization
  • Each tool has a clear owner that can approve or deny access requests
  • A review/approval process is in place, with the owners of the tool being requested to approve
  • A playbook/guide is created on how to review and accept (or not) the access request
  • There's a clear definition of the tools and roles per tool that can be requested and for what
  • Granting access to a tool is automated when possible
  • Privileged access requests are reviewed by a security team
  • A periodic access request review to the tools is in place to ensure permissions are up to date.

Metrics

  • Users with more accesses
  • Users with more privileged accesses
  • Users with more access requests denied
  • Tools with more access requests requested
  • Tools with more privileged access requests requested
  • Percentage of automated flows for permission granting

Tools & Resources

  • Access - Tool for access requests & management (Free)
  • RepoKid - Tool to help maintain least privilege permissions in AWS (Free)
  • Opan - Tool for access requests & management (Paid)

Further Reading