I need to integrate EntraID within SailPoint ISC, and the standard connector allows for dozens of different functionalities, most of which I don’t understand at all.
Could you please help me to understand better the following features of the connector?
What does the Cloud Resource Management include? Could you give me some examples of “Azure Management Objects, Management Groups, Subscriptions, Resource Groups, Role assignments, and User-Assigned Managed Identities”?
Permissions around Azure infrastructure → Virtual Machines, Virtual Networks, etc. → if your organization uses Azure as a cloud data center, hosting applications / systems, SailPoint can help scan that infrastructure and incorporate those resources into SailPoint for permissions management. Groups are the way people permission these things, so typically this has been really just group membership management.
I’m not familiar with the details of this.
It’s possible for Azure infrastructure or Azure Active Directory/Entra ID permissions to be activatable, time based and require additional conditions for use, instead of always on. I.e., my account is not a global admin 24/7; it requires me to log in to the Azure portal, press a button, include a ticket number/justification for why I need to be a global admin right now (possibly approval for this particular activation, i.e. peer review, etc.), possibly step up for additional MFA, and then I can have the Global Admin permission for a set period of time. This is called PIM (Privileged Identity Management). After those Azure role activation processes are set up, SailPoint can help manage who should have what role activation process. Groups are often the way people map lists of people to certain activation roles, so this is also typically just group membership management.
If you are using Azure Infrastructure, Azure Active Directory/Entra ID, or M365 (Teams, SharePoint Online, etc.), you’re going to want to read up on those features, to help understand how the SailPoint integrations will best serve your organization.