SecureCloud Integration

Overview

This feature has been deprecated. It will however remain available for a short time to users that already have a SecureCloud account.

SecureChange can be integrated with SecureCloud, allowing you to create automated Access Request workflows that include Microsoft Azure targets or other cloud-based systems which are monitored by SecureCloud. SecureCloud must be enabled as described in Initial Setup.

Change requests can be handled from on-prem devices to Azure cloud, from Azure cloud to on-prem devices, or even inside Azure cloud, between VNETS, and within the same VNET.

This integration allows you to import Azure ASGs (Application Security Groups) to the source or destination of Access Requests and take full advantage of SecureChange’s automation tools:

  • Auto suggest or manual target selection (in Topology mode)
  • Risk analysis
  • Designer (for on-prem devices only)
  • Provisioning for on-prem by SecureTrack and for Azure-by SecureCloud
  • Automatically provision changes to Azure’s NSGs
  • Verifier (for on-prem devices only)
  • For details of Azure behavior which impacts interaction with SecureChange, see Azure Change Automation Behavior.
  • Connecting SecureChange to SecureCloud

    1. Run the following command with TOS Admin privileges:

      [<ADMIN> ~]$ sudo tos config set -s epc-service -p enabled=true
    2. In SecureChange, go to Settings > SecureCloud / External.

    3. Select Enable Connectivity.

    4. Select SecureCloud and enter the SecureCloud Account name, Username, and Password

      The account must have a role of Global Admin .

    5. Click Save.

    How Do I Get Here?

    SecureChange > Settings > SecureCloud / External