Adding Infra Access Groups

• Creating an access group lets you enable access to a user or a group of users to all the hosts in the access group with a single instruction/selection.
• A host can be associated with one or more access groups. A host can remain unassociated with an access group as well.
• Infra access groups are created in different ways:
  • Dynamic addition of new Infra access group during host addition in SSH host inventory or Server inventory (excluding AWS EC2 servers) and SSH discovery

  • Manually created through the Infra Access Group tab

    Manually created access groups are just groups and do not have the above-mentioned intelligence. It is meant to create access group on-premises devices as well. See Adding Infra Access Group.

  • Auto-create during the cloud host scan

    Auto-created access groups are created automatically by reading the AWS tags of the host during cloud host discovery. The system forms the groups dynamically based on these AWS tags. The cloud host discovery does a periodic scan.

If Hosts are added to an existing infra access group that is in "Accessible" state or "Partially accessible", The host is automatically provisioned with access and respective users assigned to the infra access group can access the respective host.. (Refer Access Request hub). If Hosts are removed from an infra access group that is in "Accessible" state or "Partially accessible", The application ensures withdrawal of access that was provisioned to the host previously and respective users assigned to the infra access group loses access to the specific host.