Cloud Deployment :: On-premise ACLs to Cloud Access Profile Mapping

1. Introduction

This document describes the steps to map ACLs present in Integration Server (IS) to access profiles in Cloud Deployment (CD).

2. Add groups to ACLs

Things to do on-prem:

Log in to IS and navigate to Security -> ACLs; the dropdown lists all ACLs.

Pick KSUTestACL from the list and click Add.

After clicking Add, select the role Administrator and save the changes.

Deploy these ACLs to the cloud using Designer.

Solution Name: KSUTest (a solution created earlier in Cloud Deployment)

Things to do in Cloud:

Verify that the ACLs were migrated to the cloud by navigating to Solutions, clicking KSUTest, and then going to Manage -> Administration -> Security -> ACLs.

Select the KSUTest ACL and verify that it has the Administrator role.

Add group to access profile:

Navigate to the access profiles by clicking the gear icon and then Access Profiles.

Select the access profile (e.g., test), click Edit, and under Solution Permissions provide Administrator next to the solution, then click Apply.

When migrating from on-premise infrastructure to the cloud, it is essential to ensure that the access controls are appropriately configured to maintain the security of the system. Access control lists (ACLs) are used in on-premise infrastructure to define who can access what resources. In the cloud, access is managed through cloud access profiles, which specify the permissions of users and groups.

To map on-premise ACLs to cloud access profiles, the following steps can be taken:

  1. Identify the ACLs used in the on-premise infrastructure: The first step is to identify the access control lists used in the on-premise infrastructure. This can include firewall rules, network access controls, and file system permissions.
  2. Map the ACLs to cloud resources: Once the ACLs have been identified, they need to be mapped to the corresponding cloud resources. This may involve mapping firewall rules to security groups, network access controls to virtual private cloud (VPC) settings, and file system permissions to object storage access policies.
  3. Define cloud access profiles: Cloud access profiles need to be defined to manage access to the cloud resources. These profiles should be based on the mapped ACLs and should include permissions for users and groups to access the resources.
  4. Test and refine: Once the access profiles have been defined, it is important to test them to ensure they are working as intended. Any issues or gaps in the access control should be identified and addressed.
  5. Document and maintain: Finally, it is important to document the access control configuration and maintain it going forward. This will help ensure that the system remains secure and that any changes to the access control are properly managed.
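A gap check for step 4, as an added example that is not part of the original page and is not product code: it compares the groups each deployed ACL requires with the groups granted under Solution Permissions, and reports grants that are missing or that no ACL asks for. The three dictionaries are a constructed inventory, not a real Integration Server or Cloud Deployment export format, and `OrdersACL`, `OrderClerks` and `Developers` are hypothetical names.

```python
# Constructed inventory (assumed shapes, not a real IS or CD export format).
ONPREM_ACLS = {                      # ACL name -> groups added to it on-prem
    "KSUTestACL": {"Administrator"},
    "OrdersACL": {"Administrator", "OrderClerks"},      # hypothetical
}
SOLUTION_ACLS = {                    # cloud solution -> ACLs deployed to it
    "KSUTest": {"KSUTestACL", "OrdersACL"},
}
ACCESS_PROFILES = {                  # profile -> solution -> granted groups
    "test": {"KSUTest": {"Administrator", "Developers"}},  # Developers: hypothetical
}


def audit(onprem_acls, solution_acls, access_profiles):
    """Return (kind, solution, acl, group) findings, in a stable order.

    missing_grant: an ACL requires a group that no access profile grants for
                   the solution, so nobody in the cloud can pass that ACL.
    extra_grant:   a profile grants a group that no deployed ACL references,
                   i.e. a permission that was never reviewed on-prem.
    unknown_acl:   the solution lists an ACL absent from the on-prem inventory.
    """
    findings = []
    for solution, acl_names in sorted(solution_acls.items()):
        # Union of the groups any profile grants for this solution.
        granted = set()
        for perms in access_profiles.values():
            granted |= perms.get(solution, set())
        required = set()
        for acl in sorted(acl_names):
            groups = onprem_acls.get(acl)
            if groups is None:
                findings.append(("unknown_acl", solution, acl, None))
                continue
            required |= groups
            for group in sorted(groups - granted):
                findings.append(("missing_grant", solution, acl, group))
        for group in sorted(granted - required):
            findings.append(("extra_grant", solution, None, group))
    return findings


if __name__ == "__main__":
    for finding in audit(ONPREM_ACLS, SOLUTION_ACLS, ACCESS_PROFILES):
        print(finding)
```

An empty result means every group on a deployed ACL is granted by at least one access profile and no profile grants a group that the ACLs do not reference.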

Overall, mapping on-premise ACLs to cloud access profiles is an essential step in ensuring the security of a cloud deployment. By taking a methodical approach to mapping, defining, testing, and maintaining access controls, organizations can ensure that their cloud resources are secure and accessible only to authorized users and groups.