Identity & Access Management Public Documentation Portal
Description
Trustnest Identity & Access Management (IAM) is a service of the Thales Digital Platform (TDP).
If you are a user of a landing zone or a managed service, you may need to:
- authenticate the consumer of your application
- authenticate the developers on your environment
- use a technical account to build and deploy your application in your environment
In each of these use cases, you are using the IAM capability.
MCS Chatbot
The MCS chatbot is a helpful tool for quickly finding information in our documentation. However, since it uses generative AI, the information it provides may not always be 100% accurate and should be double-checked against the official documentation.
By including the 'iam' keyword in your query, you'll only search through the k8saas public documentation!
Getting Started
If this is your first time reading this page, you may need some help to understand the full Trustnest IAM ecosystem. To get it, look at the Getting Started IAM page.
Discover the naming convention for Users and Service accounts on the IAM Naming convention page (auth required).
Features
Users
- TROUBLESHOOTING my TDP access using thalesgroup.com email
- Number Matching MFA (auth required)
- Self service portal for Azure MFA reset
- Inactivity monitoring (auth required)
- Security enforcement for Users
- Onboarding a new IAM partner (Connected organization) on TDP Tenant
- Ask for additional permission on thalesdigital.io entraID - self-service
- Restricting Allowed Endpoints for TrustNest Platform Access
Service Principal
- Service Principal (creation & usage)
- Inactivity monitoring (auth required)
- Service Principal Compliancy (auth required)
Service Accounts V2
Security Policies:
- any secret or certificate must have a lifecycle set to a maximum of 365 days
- any secret or certificate created by a person who has left the organization must be renewed
Security Policies
Tutorial & Learning Section
- Discover the different types of technical accounts and when you should use them
- Learn how to deploy on Azure from a GitLab runner without a hard-coded secret