If you’re looking to simplify user access and permissions in your Grafana instance, then this blog post is for you.That’s because we’re going to walk through how to set up a streamlined system for managing user permissions with Grafana teams. We’ll focus on Entra ID (formerly Azure Active Directory) as our user repository and identity provider, but these steps can be adapted to other identity providers as well, including Okta and Keycloak.

These three IAM security misconfiguration scenarios are rather common. Discover how they can be exploited, but also, how easy it is to detect and correct them. Identity and access management (IAM) misconfigurations are one of the most common concerns in cloud security. Over the last few years, we have seen how these security holes put organizations at increased risk of experiencing serious attacks on their Cloud accounts.

To pull off a data breach, today’s cybercriminals have some formidable tools at their disposal. They can use software to guess simple passwords. They may infect a system with ransomware, only returning stolen information when they’re received payment. They might choose to deploy a social engineering attack and gain access to a network through human error.

Few computing concepts are as ubiquitous as identity and access management. There isn’t a single day that goes by without us being asked for credentials, passwords or pin codes. Yet very few know the origins and the evolution of the technologies behind them. This is the first of two blog posts where we will look at the history of open-source identity management. We will cover the main open-source protocols and standards that shaped it, from its origins to the modern days.

From the basic to advanced concepts of AWS own service for identity and access management: users, groups, permissions for resources and much more. For seriously working with AWS, there’s no way around its Identity and Access Management (IAM) service. Skipping to understand its core principles will bite you again and again in the future️. Take the time to do a deep dive, so you won’t be frustrated later.

The identification of every user making a request to a given system is vital to ensuring that action is only taken by, and information only returned to, those who need it. This happens in two steps: first, the requester is identified (authenticated), and then that identity is used to determine which parts of the application they are allowed to access.

Last year’s IDC’s Cloud Security Survey found that nearly 80 percent of companies polled have suffered at least one cloud data breach in the past 18 months.

This blogpost is a followup to the blogpost Icinga Web permissions and restrictions (how do they work, examples). These two additions provide flexibility to manage web access control..