AWS Account and User Management

Designed for multi-tenancy, CDSB allows role-based configuration and access to your multi-account AWS infrastructure using built-in objects of tenants, roles and users. AWS accounts can be distributed among tenants, while the users of each tenant have limited role-based access to the objects of a tenant.

During the setup stage, the global administrative user and its credentials were defined. This user belongs to the built-in tenant with the name Administrator. You can create as many additional tenants and users as defined by your edition of CDSB.

Additional tenants are helpful in the case of managed service providers, when you are managing multiple organizations from one CDSB instance or if you have different departments in your organization with each having their own AWS resources.

Tenants can be public and isolated. The global admin cannot see jobs and get notifications for isolated tenants. They are used in the MSP model when CDSB works as a service in a service provider’s infrastructure.

You can configure AWS accounts, tenants and users in the User Administration module.

In general, the initial process of user access configuration consists of the following steps:

•Add tenants.

•Add AWS accounts.

•Add tenant users.