CloudOps
Flow Automation Highlights
User Cleanup in IAM: Inactive users are identified and removed from AWS IAM, Azure Entra ID, and Google Admin. This task, typically requiring manual checks and approvals, is automated to prevent security risks and reduce administrative workload, ensuring timely removal of unnecessary accounts.
Admin Approval via Slack: Admins are notified and can approve user deletions directly through Slack. This replaces manual email chains and meetings, speeding up decision-making and ensuring that only authorized actions are taken, enhancing security oversight.
Issue Management with Jira: Integration with Jira automates the creation of issues for further investigation of concerning accounts. This replaces manual tracking and follow-ups, ensuring that potential security threats are addressed promptly and efficiently, improving overall incident response times.
Orchestration Toolbox
AWS IAM: In this use case, AWS IAM is responsible for managing user identities and access permissions. It serves as the primary platform for identifying and removing inactive users, ensuring that only active and necessary accounts have access to resources.
Azure Entra ID: Azure Entra ID plays a similar role to AWS IAM, managing user identities within Microsoft's cloud environment. It helps automate the process of identifying inactive users, reducing the risk of unauthorized access and maintaining a secure identity management system.
Google Admin: Google Admin is used to manage user accounts within Google's ecosystem. It facilitates the automation of user cleanup by identifying dormant accounts, ensuring that only active users have access to Google services, thus enhancing security and compliance.
Slack: Slack is utilized for communication and approval processes. It notifies administrators of potential user deletions and allows them to approve or deny actions directly within the platform, streamlining decision-making and reducing the need for lengthy email exchanges.
Jira: Jira is integrated for issue tracking and management. It automatically creates tickets for further investigation of concerning accounts, ensuring that potential security threats are documented and addressed efficiently, replacing manual tracking and follow-up processes.
AWS CloudTrail: AWS CloudTrail provides audit logs and tracks user activity within AWS. It is used to analyze the last API calls for concerned accounts, offering detailed insights into user actions and supporting compliance and security investigations.
