Managing AWS Users

Once you have connected EmpowerID to AWS, you can manage your AWS users in EmpowerID. This includes:

  • creating new AWS users
  • adding AWS users to AWS groups
  • removing AWS users from AWS groups
  • deleting AWS users


Tip

For information on adding and removing AWS users to and from AWS groups, see Managing AWS Groups.



Prerequisites

You must have an AWS account and create an AWS account store for that account in EmpowerID.

To create an AWS user account in EmpowerID

  1. In the Navigation Sidebar of the EmpowerID Web interface, expand Pages and click AWS Manager.
  2. In AWS Manager, click the User Accounts tab and then click Create User (Person Optional) to initiate the Create User workflow.


  3. When the Create User form for the workflow opens, select the General tab and do the following in the Name Information section:
    1. Select Personal Standard from the Account Type drop-down. This is the default selection.
    2. Type names for the user in the First Name, Last Name, Display Name and Logon Name fields.
    3. Leave Is Office 365 Account? cleared. 
    4. Below Account Creation Location, click the Select a Location link, type the name of the AWS account store you created in EmpowerID, click the node for the location to select it and then click Save.


    5. Optionally, enter text in the Description and Comments or Justification fields.
    6. Select Join Account to an Existing Person if you want to link the account to a current person. Doing so opens the Account Owner search field. To select the person you want to join the account to, type the name of the person in the search field and then click for that person. This makes that person the owner of the account.


    7. Select Create a new EmpowerID Person object if you want to create a new person for the account. Doing so opens the following fields:
      • Person Business Role selector - This allows you to select the Business Role and Location for the new person (required).


      • User Personal Email to Notify - This sends an email to the user's personal email address, welcoming them to EmpowerID and notifying them of their username.
      • Management Role to Notify - This sends a notification about the new person to the selected Management Role. To select a Management Role, type the name of the role in the field and then click the tile for that role.


      • Allow me to enter a password - This allows you to set the initial password for the person account. Selecting this option displays the Password and Confirm Password fields, along with the password complexity rules.


  4. Scroll to the Security section and select the appropriate options.
  5. Click Save.

    After several moments, EmpowerID creates the user account and displays the View page for the account. Verify that the Distinguished Name field shows the AWS User ARN.

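One way to check the value copied from the Distinguished Name field, as an added example that is not EmpowerID's own code: it parses an IAM user ARN and confirms that the account ID and user name are the ones you expect. The sample ARNs are constructed, and the mapping of the EmpowerID Logon Name to the IAM user name is an assumption.

```python
import re
from typing import List, NamedTuple

# IAM user ARN: arn:<partition>:iam::<12-digit account ID>:user/[path/]<user name>
# The region field is empty because IAM is a global service.
_USER_ARN = re.compile(
    r"arn:(?P<partition>aws|aws-cn|aws-us-gov):iam::(?P<account>\d{12}):user"
    r"(?P<path>/(?:[\x21-\x7f]+/)*)"      # optional path, always ends in "/"
    r"(?P<name>[\w+=,.@-]{1,64})",        # IAM user name character set
    re.ASCII,
)

class IamUserArn(NamedTuple):
    partition: str
    account: str
    path: str
    name: str

def parse_iam_user_arn(value: str) -> IamUserArn:
    """Parse an IAM user ARN; raise ValueError for anything else (e.g. a role ARN)."""
    match = _USER_ARN.fullmatch(value.strip())
    if match is None:
        raise ValueError(f"not an IAM user ARN: {value!r}")
    return IamUserArn(**match.groupdict())

def check_distinguished_name(dn: str, account: str, logon: str) -> List[str]:
    """Return a list of problems; an empty list means the value checks out."""
    try:
        arn = parse_iam_user_arn(dn)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if arn.account != account:
        problems.append(f"account {arn.account} is not the expected {account}")
    # IAM user names are unique regardless of case, so compare case-insensitively.
    # Assumption: the Logon Name entered in EmpowerID becomes the IAM user name.
    if arn.name.casefold() != logon.casefold():
        problems.append(f"user name {arn.name!r} does not match logon name {logon!r}")
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from a real account.
    samples = [
        "arn:aws:iam::123456789012:user/jdoe",
        "arn:aws:iam::999999999999:user/jdoe",   # wrong account store
        "arn:aws:iam::123456789012:role/jdoe",   # a role, not a user
    ]
    for dn in samples:
        print(dn, "->", check_distinguished_name(dn, "123456789012", "jdoe") or "OK")
```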


To verify the new user in AWS

  1. From your Web browser, log in to your AWS account as an administrator.
  2. From the AWS dashboard, click the Users navigational link. You should see the user you just created in EmpowerID.



To delete an AWS user in EmpowerID

  1. In the Navigation Sidebar of the EmpowerID Web interface, expand Pages and click AWS Manager.
  2. In AWS Manager, click the Users tab and search for the user account you want to delete.
  3. Click the record for that user account to select it and then click the Delete Account action link.


  4. Click Yes to confirm you want to delete the user.
  5. If you left Wait to see results selected, click OK to close the Operation Execution Summary.


To verify user deletion in AWS

  1. From your Web browser, log in to your AWS console as an administrator.
  2. From the AWS console, select Identity & Access Management.
  3. Click the Users navigational link, search for the user you just deleted, and verify that there are no results.




Tip

EmpowerID keeps a log of all AWS actions performed in EmpowerID, including what was done, when it was done and who did it. To view these logs, expand System Logs in the Navigation Sidebar and click Audit Log. Once in Change Manager, search for AWS to filter the changes displayed. 
