Identities
in the left menu and click New
, orCreate
dropdown in the upper right corner and select Identity
.Next (Cloud Access)
.Next (Network Resources)
.Add Network Resource
and follow the wizard to configure a network resource. The wizard requires at least one agent
to exist. Each identity can have multiple network resources defined. Depending on the use case of this identity, creating a network
resource is optional. See Network Resource for additional details. Click Next (Native Networking)
.Add Native Networking
and configure Native Networking. Creating a Native Networking connection is optional. See Native Networking for additional details. Click Next (Tags)
.Create
.Next
:
Edit Manually
button and enter a role name. Click Confirm Manual Input
when done.Done
.Set Policies Manually
button and manually enter the policy name and click Add
. Multiple policies can be added manually. Click Set Policies From List
to return to the existing policies list.Done
.Save
. If a new AWS role was selected, Control Plane will provision a new role in AWS that will be named the same as the Object Name
shown in the Info
page of the identity.
Next
.Select Scope
to show the scope selection wizard. Choose the service, region, type, and scope. Click Confirm
.Select Roles
to show the list of available roles for the selected scope. Select one or more roles. Click Confirm
.Add Assignment
at the top of the modal. Repeat the first two steps.Done
.Save
. Control Plane will provision a new App registration in Azure that will be named the same as the Object Name
shown in the Info
page of the identity.
Next
:
Edit Manually
button and enter a service account name. Click Confirm Manual Input
when done.Done
.Select Resource
to show the resource selection wizard. Choose the service, region, type, and resource. Click Confirm
.Select Roles
to show the list of available roles for the selected resource. Select one or more roles. Click Confirm
.Add Binding
at the top of the modal. Repeat the first two steps.Done
Save
. If a new service account was selected, Control Plane will provision the new Service Account in GCP that will be named the same as the Object Name
shown in the Info
page of the identity.
Network Resources
link and click Add Network Resource
.
name
for this resource.
name
entered in step 2. If the internal resource is configured with TLS, the FQDN must be used.name
entered in step 2.Add Network Resource
button again and repeat the steps above.Save
.