Identity & Access Management Public Documentation Portal
Description
Trustnest Identity & Access Management (IAM) is a service of the Thales Digital Platform (TDP).
If you are a user of a landing zone or of managed services, you may need to:
- authenticate the consumers of your application
- authenticate the developers on your environment
- use a technical account to build and deploy your application in your environment
For each of these use cases, you use the IAM capability.
Getting Started
If this is the first time you are reading these lines, you may need some help to understand the full Trustnest IAM ecosystem. To do so, look at the Getting Started IAM page.
note
Discover the naming convention for Users and Service accounts on the IAM Naming convention page (auth required).
Features
Users
- Troubleshooting my TDP access using a thalesgroup.com email
- Number Matching MFA (auth required)
- Self service portal for Azure MFA reset
- Inactivity monitoring (auth required)
- Security enforcement for Users
- Onboarding a new IAM partner (Connected organization) on TDP Tenant
- Ask for additional permission on thalesdigital.io entraID - self-service
- Restricting Allowed Endpoints for TrustNest Platform Access
Service Principal
- Service Principal (creation & usage)
- Inactivity monitoring (auth required)
- Service Principal Compliancy (auth required)
Service Accounts V2
Security Policies:
- any secret or certificate must have a lifetime of at most 365 days
- any secret or certificate created by a person who has left the organization must be renewed
Security Policies
Tutorial & Learning Section
- Discover the different types of technical accounts and when you should use them
- Learn how to deploy on Azure from a GitLab runner without a hard-coded secret