Access

StrongDM provides a variety of ways to control the management of your StrongDM organization as well as access to resources within your infrastructure.

Permission Levels

Permission levels provide access users to perform administrative functions inside of your StrongDM organization. Particular users can be designated as Administrators or other permission levels, and gain the ability to manage users, roles, workflows, policies, resources, and other aspects of your StrongDM network.

Roles

Roles are collection of access rules that can grant access to specific resources, or to resources that meet the conditions of dynamic access rules, such as resources with a particular tag.

Policies

Policies can be used to provide more fine grained control over user actions against resources. Policies might restrict access to a particular Postgres command, or require users connecting to a resource from a particular region to complete an MFA challenge prior to doing so.

• Policies

• Policy Creation

• Policy Taxonomy

• Policy Use Cases

Access Workflows

Access workflows facilitate Just-in-Time (JIT) access. Users make requests for access to resources that appear in their catalog. The availability of resources in each user's catalog is dictated by roles that are set in the workflows. Once a request is made, an approver can then approve or deny access for particular lengths of time. Requests can be made through the Admin UI or CLI, or through our Integration With Slack or our Integration with Teams.

Approval Workflows

Approval workflows are separate mechanism that powers the approval portion of access workflows, and also provide the ability to request further approvals contextually with policy. Approval workflows can be run inside of StrongDM, using manual approvals or automatic approvals, but they can also be run using our Integration with Jira or our Integration with ServiceNow.