Centralized identity and access management controls
Securely manage identity and access across multiple Amazon Web Services accounts and resources from one central location.
Create fine tuned permissions to fit every user type
Ensure every user has an IAM role with the exact privileges that allow them to perform only the required tasks.
-
Create a series of policies that can be applied quickly and simply to any AWS account.
- Configure permissions to entire user groups who can instantly gain restricted access to a subset of accounts, rather than having to change each account individually.
-
Manage controls via the Stax console or programmatically via the API.
Total visibility and auditing
built-in
Keeping accurate logs and records of access, activity and interactions allows for traceability and sets you up for any audit review.
-
Detailed authentication logging is enabled by default when you start using Stax, so you can track all login attempts from the start.
-
Enforce single sign-on via your company's identity provider for new users while allowing for "break-glass" local accounts.
- Enable multi-factor authentication on local accounts and access reports to provide auditors.
Consistent, centralized security controls
Set and manage guardrails and fine-grain access controls to keep your users and business secure with the Stax Security account.
-
The default Stax AWS Security account can only be accessed by authorized administrators, keeping security controls centralized and safe.
-
All security-related controls are consolidated within this one account to protect usage.
- Use Stax Identity Service to manage access to the Stax AWS management console and API, as well as controlling account single sign-on (AWS SSO) permissions.
- The Stax default IAM policy will keep all your accounts protected, but you can easily define your own and create temporary security credentials whenever necessary.
Monitor and refine permissions over time
Review and easily make changes to permissions to evolve as your business functions grow or get revised.
-
Define new user groups or sync groups from your company identity provider as you make changes.
-
Simplify user provisioning and de-provisioning to AWS by having user and group data from your company identity provider automatically update in Stax.
- Revise and refine permissions based on solid activity data, including last-accessed information, allowing you to work towards a least-privilege access model.
Secure access through the Stax console
Gain streamlined access by using either the Stax console or your existing identity provider. Stax supports federated logins using your existing SAML or OIDC-compliant IAM provider, so you can continue using your current IAM provider for simplicity and consistency for your users and administrators.
Frequently Asked Questions
What is AWS Identity and Access Management?
AWS IAM is a standard feature in every AWS account. It is designed to provide you with a fine-grained level of control over resources and services for an individual user or IAM group, managing everything they are able to access. You can use it to grant access to different AWS accounts and to manage the permissions that are assigned to each account. With advanced Identity and Access Management, AWS also gives you the ability to control access to specific service APIs and resources using configurable AWS IAM policies.
What is an AWS IAM policy?
An IAM policy defines specific permissions and parameters for an action in AWS. This can include giving permission to specific AWS users to access a chosen resource, managing the accessibility of a particular resource for a user group, such as an Amazon S3 bucket. IAM policies also allow you to use access control for individual sessions — for example, if you wanted to create a temporary access user account. Whatever method is used to perform the operation, the access control policy will always apply, preventing unauthorized users from performing actions outside of their remit.
How does Stax help with AWS IAM?
Stax makes it easy for you to control all Stax and AWS access management settings from one central interface. With detailed authentication logs maintained by default, you can easily monitor all user login activity with our AWS-native Cloud Management Platform in a user-friendly, efficient platform. Stax also supports federated logins using your existing IAM provider, simplifying the task of setting up and configuring the AWS Identity and Access Management service. For companies that are in the process of migrating to an AWS Cloud environment, the ability to use an existing IAM provider can save a considerable amount of time and expense, as well as reducing complications for users and administrators alike.
What are the key features of Stax’s Identity and Access Management service?
- Everything is in the Stax Security account: Because the Stax and AWS Identity Service is hosted in the default Stax Security account, it can only be accessed by authorized administrators.
- IAM user groups: Users can be organized into groups, enabling you to quickly assign a particular permission to multiple individuals.
- Full authentication logging: Track all login attempts with detailed authentication logging, which is enabled by default when you start using Stax.
- Centralized control: Manage AWS account access permission for individual APIs and services from one intuitive interface.
- Support for federated logins: If you wish to continue using an existing identity and access management provider, you can do so easily with our federated logins support.
What kind of support is available when using the tool?
We provide full technical support to all of our customers, ensuring that help is always on hand when you need it.
