Glossary

Group

A collection of users.

Identity

An entity that is used to identify and group people or machines.

Identity and Access Management (IAM)

IAM refers to the cloud service that controls the permissions and access for users and cloud resources. In the cloud, “identity is the new perimeter”, making IAM a core part of securing your cloud environment.

Policy

Sometimes referred to as “Entitlements”. These are entities that contain the permissions defining which actions can be performed on which resources/services, and under what conditions.

  • Policy - for AWS and Azure

  • Role - for Google Cloud Platform (GCP)

Resource

A specific instance of a Cloud service. Example: arn:aws:s3:::test-public-s3bucket-demo-1234

Role

An identity that is assigned specific permissions. Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it.

Service Account

An identity that represents a machine or application.

Tags

Tags are key and value pairs that act as metadata for organizing your resources.

  • Tags - for AWS and Azure

  • Labels - for Google Cloud Platform (GCP)

User

An entity that is created in the Cloud Environment to represent a person or application.

  • AWS - person, application or machine

  • Azure / GCP - person only. For machine/application, refer to Service Account.