In InsightCloudSec, "organizations" allow for multi-tenant functionality to logically isolate resources, users, Bots, and Insights according to their unique uses. This capability, available under "System Administration --> Organizations", allows a managed service provider to manage multiple customers in single InsightCloudSec platform installation.

Cloud accounts and their resources can only belong to one organization and cannot be modified or viewed from another organization. Review our documentation around Badges for more information on configuring and managing InsightCloudSec organization functionality.

📘

Provider Organizations

An InsightCloudSec organization is different from provider-specific organizations. Provider-specific organizations (available under "Clouds --> Organizations") are used to manage cloud accounts within the respective provider. Details on provider organizations are available here:

• AWS Cloud Setup (Organizations)
• Organizations (GCP)
• Organizations (Azure)

Management Hierarchy

The hierarchy of management within InsightCloudSec can be understood as follows:

Organizations (Enterprise Only) - Organizations allow for complete isolation between Cloud accounts, resources, and users on an installation. Cloud Accounts and their resources can only belong to one organization and cannot be modified or viewed from another organization.

Domains > Organizations > Groups/Roles/Users

Review the Users, Groups, and Roles (Identity Management) documentation) to learn more about the InsightCloudSec hierarchy and how users are managed.

Prerequisites

Before getting started you need to ensure you have the following:

• A functioning InsightCloudSec platform installation

• The appropriate permissions, i.e., since organizations are maintained at the domain level, managing organizations requires Domain Admin privileges.

  • Note: During the installation process, enterprise customers will create their first user as a domain admin. When visiting the "Domain Admin" page in the "Identity Management" section of the tool, you will see this initial user.

  • Additional domain admins can be created. Be advised that domain admins have organization admin privileges since all organizations and permissions cannot be limited for these users.

📘

Organization Visibility - User Permissions

Org admins and basic users do not see the organization list and cannot change organizations or modify organization details.

Adding an Organization

To add a new InsightCloudSec organization, complete the following steps.

1. Navigate to the cog (top right) "Administration --> System Administration" and ensure you are on the "Organizations" tab. Locate the "Create Organization" button.

2. Give the new organization a name. Optionally you may also use a previous organization as a template. Click "Submit" to complete. (For this example we named it "InsightCloudSec QA Team")

• Note: If you select a source organization, the Insights, roles, and user groups will be copied over to the new organization. If left blank, then the organization will be empty. (For this example we left it blank.)

3. Once you create the new organization, the system will redirect you back to the main System Administration page.

• Scroll through the list of organizations or use the search field to locate the new organization.

Managing an Organization

To manage, edit, or delete an existing InsightCloudSec organization, navigate to the "System Administration" page (under Administration from the left-side menu); "Organizations" is the first tab/section that displays on the page.

1. Navigate to the target organization and select the "Actions" menu on the left side of the organization name.

Actions available for existing organizations include the following: