Cloud Privilege Broker Administration Guide

BeyondTrust Cloud Privilege Broker is a cloud-hosted product that centralizes and manages identities (both human and non-human) and entitlements across multi-cloud environments. Once connectors to cloud services are added, Cloud Privilege Broker scans the cloud service providers for identities, roles, groups, service principals and policies. Cloud Privilege Broker tracks actions taken in cloud environments and generates recommendations to reduce the risks associated with entitlement grants and usage.

Cloud Privilege Broker detects, catalogs, and analyzes access and the permissions granted to the variety of discovered entities to understand usage. It uses this data to recommend updated policies to assist customers in achieving the principle of least privilege (PoLP) in the cloud.

Cloud Privilege Broker also provides easily deployed recommendations for enforcement of least privilege, to reduce risk, improve security, and meet compliance goals.

The key capabilities of Cloud Privilege Broker include:

  • Centralized Dashboard: Key metrics and recommendations on a single screen.
  • Continuous Discovery: Users, roles, and policies across all supported platforms.
  • Granular Recommendations: Efficiently implement policy across multiple cloud platforms from a single interface.
  • Full Audit: Report on actions such as addition of connectors and who completed a recommendation.

This guide provides details on configuring and using Cloud Privilege Broker.

Cloud Privilege Broker supports connections to Amazon Web Services (AWS) and Microsoft Azure. Connections to other cloud services are planned for future releases.

Terms of Use

To view the terms of use and Cloud Privilege Broker version details, select About from the left Menu, or click the i icon in the left navigation bar.