Server Error
Server Error
Server Error
Server Error
Server Error
Server Error

Account Reviews

Regularly pool user accounts from systems and review them in a portal - long

  • Episodes12
  • Duration24m 51s
  • LanguagesEN
Episode 7

Reviewer eramba Account

Create an Account for your Reviewers

Introduction

Your Account Reviews will ultimately be reviewed by someone in your organisation using the Account Review portal. In this episode, we explain how to create such an account and what permissions to use. 

Group ACL

In this episode, we will assume the person accessing the Account Review portal does not need access to any other functionality in eramba. You should have a basic understanding of our Access Management course before you attempt the steps defined in this guide.

Go to System / Settings / Group and click "Add". Then create a group called "Access to Nowhere" and save. By default, newly created groups do not have any permission allowed so this will be enough.

Note that there might be a group already on your system with such a setup and therefore you could use that existing group instead of creating a new one.

Then create one more group that will be used for all accounts that will be reviewing the system you are targeting. For example, if you plan on creating an Account Review to review AWS Access you could create a group called "AWS Account Reviewers". This group does not need any permissions so simply create it.

Create Notifications

You might want to automatically create notifications when a user is created for the purposes of Account Reviews. Please review our Access Management course to know how this is done.

Create Reviewer Account

Go to System / Settings / User Management and click "Add". Complete all fields as requested and particular attention to the following:

  • Portals: if the account you are creating does not need access to eramba, then only select "Account Review Portal".
  • Groups: if the account you are creating does not need access to anything else in eramba then select the groups (both) you created in the previous step.