All contents © MuleSoft, LLC
Royston Lobo
Senior Customer Success Architect,
JAPAC Customer Success Strategy and Architecture.
Best Practices For Access Management
(MuleSoft Meetup - Riyadh)
July 2021
Bernard Tay
Customer Success Strategy and Architecture Intern,
JAPAC Customer Success Strategy and Architecture.
Bernard Tay
Customer Success and Strategy
Intern @ MuleSoft
Royston Lobo
Senior Technical Architect,
Customer Success @ MuleSoft
Agenda
● Why is Access Management important?
● Best Practices
○ Business Groups
○ Audit Logging
○ External Identity Management
○ Teams
Why is Access Management important?
Source: Former Employee Admits Hacking, Damaging Cisco Systems
Challenges in Access Management
● IT and HR systems aren’t well integrated
● Size introduces complexity
● Audits and Reviews are deprioritised
Business Groups
Business groups are self-contained resource groups that contain Anypoint Platform resources
such as applications and APIs. Business groups provide a way to separate and control access
to Anypoint Platform resources because users have access only to the business groups in which
they have a role.
Anypoint – Business Groups Hierarchy
Anypoint Organisation (master)
    Business Group 1
        Sub Business Group 1.1
            Sub Business Group 1.1.1
        Sub Business Group 1.2
    Business Group 2
    Business Group 3
Diagram legend: Parent Business Group; Child Business Group (sub-group)
Anypoint Master Org: The hierarchy model is optional. Best practice is to adapt it to your organization’s needs.
Anypoint – Business Groups Hierarchy
House (master)
    Ground floor (Group 1)
        Kitchen (1.1)
            Kitchen store room (1.1.1)
        Guest bedroom (1.2)
    Upper level (Group 2)
    Garden (Group 3)
Each parent business group can be allocated:
• Prod vCores
• Non-Prod vCores
• vDesign Cores
• VPCs
• Static IPs
• Environments
Each child business group allows for fine-grained access control.
Note: Rights are not inherited from parent business groups.
Tips
➢ Shared resources should be created in the Master Organisation (root)
○ Eg: VPCs, DLBs
➢ Assets and APIs can be shared between Business Groups
Audit Logging
● Queryable history of actions performed within the Anypoint Platform
● Retention period of 6 years
● Can be accessed via Audit Logging API or downloaded for longer retention
Identity Management
Introducing Multi-Factor Authentication (MFA)
Enhance security with additional identity verification at login
● Secure accounts at login in layers: Require users to enter two or more factors of evidence to authenticate accounts with password and an additional verification method
● Balance security and convenience: Support for Salesforce Authenticator mobile app, third-party authenticator apps, and security keys
Available Now
Simple and effective ways to protect your data
Secure your user accounts with multi-factor authentication
● Something you know: Login Credentials
● Something you have: MFA
Admins can manage and monitor MFA for users
Visit Access Management in Anypoint to enable
Manage
● Option to require MFA logins for all local Anypoint users
● Easily exclude specific users used for integrations - “service users”
● Revoke MFA from a user when they lose a device
External Identity Management
Secure Anypoint Platform control plane by configuring
● OpenID Connect: End-User identity verification by an IdP including SSO
● SAML 2.0: Web based authorization including cross domain SSO
OpenID Connect supports
● PingFederate
● OpenAM
● Okta
SAML supports
● PingFederate
● OpenAM
● Okta and many more
Access Management:
SSO (Single Sign On) Configuration
Why use SSO?
● IT can define access based on user profile, groups, network, client and consent
● API access can be provisioned as easily as you provision application access
● API dev teams can securely design, develop, test, deploy and operate APIs in hours
Teams
All about Teams - You need to know
Why Teams?
Customer pain points:
● Difficult to manage users and permissions across multiple business groups
● Org admins have to define roles and assign users to roles for each business group
● Not possible to set a global permission
● Unable to share an Exchange asset with a specific team
What is Teams?
Teams provide user grouping mechanisms in Anypoint Platform that enable collaboration and reuse.
Teams allow org admins to do the following:
● Implement their hierarchical org structure in Anypoint
● Easily assign both global and team-level permissions
● Map SSO groups to Teams
Set global or team-level permissions
● Set a global permission for everyone in the organization, such as “Exchange Viewer”
● Set a permission for the “Engineering” team, and it will be inherited by its subteams
Add employees to teams
● Easily add users to teams
Business Groups vs Teams
Business Groups and Teams work in tandem to give Anypoint Platform users more flexibility in access control management.
● Business Group: Delegate management and cost allocation within the organization, e.g. number of vCores per LoB, environments, etc.
● Teams: Groups of organization users that reflect a company structure. Allow permission rights to be allocated per segregated group.
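The contrast drawn in the slides (rights are not inherited from parent business groups, while a team permission is inherited by its subteams) can be checked mechanically during an access review. The following is an added example, not part of the original deck and not Anypoint Platform code: a simplified model in which the users, the team named "Everyone" and "Finance", and the role names other than "Exchange Viewer" are constructed for illustration.

```python
"""Simplified model of the two access paths described in the slides.
All data is constructed sample data; role names other than "Exchange Viewer"
("Deployer", "API Viewer") and the user names are hypothetical."""

ROOT_TEAM = "Everyone"  # hypothetical name for the organization-wide root team

# Business group hierarchy from the slides: child -> parent.
BG_PARENT = {
    "Business Group 1": "Master",
    "Business Group 2": "Master",
    "Business Group 3": "Master",
    "Sub Business Group 1.1": "Business Group 1",
    "Sub Business Group 1.2": "Business Group 1",
    "Sub Business Group 1.1.1": "Sub Business Group 1.1",
}

# Roles assigned directly to a user in one business group (no inheritance).
DIRECT_ROLES = {"alice": {("Business Group 1", "Deployer")}}

# Team hierarchy: team -> parent team. Permissions flow down to subteams.
TEAM_PARENT = {"Engineering": ROOT_TEAM, "Platform": "Engineering", "Finance": ROOT_TEAM}
TEAM_PERMISSIONS = {
    ROOT_TEAM: {("Master", "Exchange Viewer")},            # global permission
    "Engineering": {("Sub Business Group 1.1", "API Viewer")},
    "Platform": {("Sub Business Group 1.1.1", "Deployer")},
}
TEAM_MEMBERS = {"Engineering": {"alice"}, "Platform": {"bob"}, "Finance": {"carol"}}


def team_lineage(team):
    """Return the team followed by its ancestors, ending at the root team."""
    lineage, seen = [], set()
    while team is not None:
        if team in seen:  # a malformed hierarchy must not loop forever
            raise ValueError(f"cycle in team hierarchy at {team!r}")
        seen.add(team)
        lineage.append(team)
        team = TEAM_PARENT.get(team)
    return lineage


def effective_permissions(user):
    """Map each (business group, role) the user holds to the sources granting it."""
    grants = {}
    for perm in DIRECT_ROLES.get(user, set()):
        grants.setdefault(perm, set()).add("direct role")
    teams = {ROOT_TEAM}  # every user receives the global permissions
    for team, members in TEAM_MEMBERS.items():
        if user in members:
            teams.update(team_lineage(team))  # subteam members inherit upward grants
    for team in teams:
        for perm in TEAM_PERMISSIONS.get(team, set()):
            grants.setdefault(perm, set()).add(f"team:{team}")
    return grants


def has_role(user, business_group, role):
    """True only if the role is granted on exactly this business group."""
    return (business_group, role) in effective_permissions(user)


def descendants(business_group):
    """All business groups below the given one, depth first."""
    found = []
    for child, parent in BG_PARENT.items():
        if parent == business_group:
            found.append(child)
            found.extend(descendants(child))
    return found


def uncovered_children(user, business_group, role):
    """Child business groups where a role held on the parent does NOT apply."""
    if not has_role(user, business_group, role):
        return []
    return [bg for bg in descendants(business_group) if not has_role(user, bg, role)]


if __name__ == "__main__":
    for name in ("alice", "bob", "carol"):
        for (bg, role), sources in sorted(effective_permissions(name).items()):
            print(f"{name}: {role} on {bg} via {', '.join(sorted(sources))}")
    print("alice lacks Deployer on:", uncovered_children("alice", "Business Group 1", "Deployer"))
```

Recording the source of every grant lets a reviewer see whether access came from a direct role or from a team, which determines where it has to be revoked.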
Demo
Access Management - Teams Demo
Summary slide
● Utilization of SSO
● Using Audit to monitor accounts activities
● Access Control Management using Teams
Thank you