Cloud Privilege Broker Administration Guide
BeyondTrust Cloud Privilege Broker is a cloud-hosted product that centralizes and manages identities (both human and non-human) and entitlements across multi-cloud environments. Once connectors to cloud services are added, Cloud Privilege Broker scans the cloud service providers for identities, roles, groups, service principals and policies. Cloud Privilege Broker tracks actions taken in cloud environments and generates recommendations to reduce the risks associated with entitlement grants and usage.
Cloud Privilege Broker detects, catalogs, and analyzes the access and permissions granted to the discovered entities to understand how they are used. It uses this data to recommend updated policies that help customers achieve the principle of least privilege (PoLP) in the cloud.
Cloud Privilege Broker also provides easily deployed recommendations for enforcement of least privilege, to reduce risk, improve security, and meet compliance goals.
The key capabilities of Cloud Privilege Broker include:
- Centralized Dashboard: Key metrics and recommendations on a single screen.
- Continuous Discovery: Users, roles, and policies across all supported platforms.
- Granular Recommendations: Efficiently implement policy across multiple cloud platforms from a single interface.
- Full Audit: Report on actions such as addition of connectors and who completed a recommendation.
This guide provides details on configuring and using Cloud Privilege Broker.
Cloud Privilege Broker supports connections to Amazon Web Services (AWS) and Microsoft Azure. Connections to other cloud services are planned for future releases.