Identity & Access Management Public Documentation Portal

Description

Trustnest Identity & Access Management (IAM) is a service of the Thales Digital Platform (TDP).

If you are a user of a landing zone or a managed services you may need to:

• authenticate the consumer of your application
• authenticate the developers on your environment
• use a technical account to build and deployed your application in your environment

For each previous use cases, you are using the IAM capacity.

MCS Chatbot

caution

The MCS chatbot is a helpful tool for quickly finding information in our documentations. However, since it uses generative AI, the information it provides may not always be 100% accurate and should be double-checked with the official documentation.

iam keyword

By including the 'iam' keyword in your query, you'll only search through the k8saas public documentation !

Did you try our chatbot at the bottom-right corner of the screen ? ↘

Hi!

Getting Started

If it's the first time you read these lines, you may need some help to understand the full Trustnest IAM ecosystem. To do so, look at the Getting Started IAM page

note

Discover the naming convention of Users and Service accounts by accessing to the IAM Naming convention page (auth required)

Features

Users

• TROUBLESHOOTING my TDP access using thalesgroup.com email
• Number Matching MFA (auth required)
• Self service portal for Azure MFA reset
• Inactivity monitoring (auth required)
• Security enforcement for Users
• Onboarding a new IAM partner (Connected organization) on TDP Tenant
• Ask for additional permission on thalesdigital.io entraID - self-service
• Restricting Allowed Endpoints for TrustNest Platform Access

Service Principal

• Service Principal (creation & usage)
• Inactivity monitoring (auth required)
• Service Principal Compliancy (auth required)

Service Accounts V2

• Service Account V2 Creation Form
• Service Account V2 Security Policy (auth required)

Security Policies:

• any secret or certificates must have a lifecycle set to max: 365 days
• any secret or certificates created by a person who has left the organization must be renewed

Security Policies

• IAM Information System Security Policy Reference (auth required)
• Trustnest IAM EntraID endpoints

Tutorial & Learning Section

• Discover the different types of technical accounts and when you should use it
• Learn how to deploy on azure from gitlab runner without hard secret

Troubleshooting Section

• TROUBLESHOOTING - Ask for UPN update for thalesgroup.com identity