/
Managing AWS Groups

You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Managing AWS Groups

Nov 12, 2019

Once you have Connecting to Amazon Web Services, you can manage your AWS groups in EmpowerID. This includes:

  • creating new AWS groups

  • adding AWS users to groups

  • removing AWS users from groups

  • deleting groups

This topic demonstrates how to manage AWS groups in EmpowerID.

 

Prerequisites

You must have an AWS account and Connecting to Amazon Web Services.

 

To create AWS Groups in EmpowerID

  1. In the navigation sidebar, expand Pages and click AWS Manager.

  2. In AWS Manager, click the Groups tab and then click Create Group to initiate the Create Group workflow.



  3. In the General section of the Create Group page that appears, do the following:

    1. Enter a name for the group in the Name, Logon Name, and Display Name fields.

    2. Below Group Creation Location, click the Select a Location link and in the Location Selector that appears, search for and select your AWS location.

    3. Click Save to close the Location Selector.



    4. Select the Generic Group from the Group Type drop-down.

    5. Optionally, type any notes in the Notes field.

    6. Type a description for the group in the Description field. This field is required.

    7. Select Allow Join Requests to allow the group to appear in the IT Shop. Leave the option cleared to prevent users from requesting group membership.

    8. Select Auto-Accept Join or Leave Requests if you want to give users the ability to join or leave the group without requiring approval.

      Once you have completed the above, the General section of the form should look similar to the below image.



  4. In the Advanced section of the form, select whether you want to prevent the group from being deleted in EmpowerID.

  5. Once you have finished filling in the form, click Save to create the group.

    EmpowerID creates the group and opens the View page for the group.



  6. Expand the Advanced Options drop-down and verify that you see the AWS identifier for the group in the Distinguished Name field. 



To verify the new Group in AWS

  1. From your Web browser log in to your AWS account as an administrator.

  2. From the AWS dashboard , click the Groups navigational link and verify that you see the group you created in EmpowerID.

Managing AWS Groups

  1. In the Navigation Sidebar of the EmpowerID Web interface, expand Pages and click AWS Manager.

  2. In AWS Manager, click the Groups tab and search for the group in which you want to add members.

  3. Click the Logon Name link for that group.



    This directs you to the View One page for the group. View One pages allow you to view and edit the objects to which they are linked.

  4. From the View One page for the group, expand the Group Members accordion. The accordion displays current group members in the grid.



  5. Add and remove members from the group as needed. To add a member, type the name of an AWS user account in the Enter Search field and click the tile for that user account to select it.



  6. You can remove existing members by ticking the box to the left of the user account you want to remove.



    Notice that the Added and Removed flags have updated to show the number of user accounts being added and removed from the group.





  7. To submit your changes, click either of the Submit buttons. (If you have the drop-down opened, you can click Submit there, or you can click the larger Submit button.)