New FinOps Capabilities Kion Strengthens Multicloud Capabilities with New Support for FOCUS and Oracle Cloud Infrastructure Read the press release

Feature Friday Automation & Orchestration Continuous Compliance

Feature Friday: SAML User Group Association

John Hall

2 min read

Last updated on September 20th, 2023 at 10:24am

Cloud enablement is about eliminating mundane gruntwork in the cloud through the power of automation. One of the areas that Kion does this is with permissions. Kion not only makes user permissions across cloud providers easy with cloud access roles but also helps eliminate duplicate effort when associating SAML users into Kion user groups. Kion allows users to log in using a SAML provider and while you can manually assign SAML users into Kion user groups like you can do with any other users in the Kion platform, usually, there has already been some effort inside of the identity provider that makes it easy to map SAML users to Kion user groups automatically. This ensures SAML users have the proper permissions inside of Kion without assigning them manually.

Adding a new project is simple as long as you have the requisite roles and permissions to create new projects.

Creating a New User Group Association

  1. From the "Identity Management Systems" page, select the "User Group Associations" tab.
  2. Select "Add".
  3. Under the "Name" field, enter the modifier that will be used to associate SAML users to Kion groups. To associate members of an existing group within your SAML provider, use "memberOf".
  4. Under "Regex" enter the name of the group within your SAML provider.
  5. Under "User Group", select the Kion group that you want to associate to.
  6. Select "Update on Login" to ensure Kion checks to see when users are added and removed from the group in your SAML provider.
  7. Select "Add".

SAML users that are members of the given group in your identity provider will now be associated to the chosen group in Kion upon logging in to the platform. They will also be removed from these groups as they are removed from the group in your SAML provider. This helps ensure that users automatically have the correct permissions at all times.

If you'd like to see a demo of Kion's other IAM features or how we can streamline account provisioning, please contact one of our experts.

Talk to an expert

About the Author

John Hall

John is a Customer Engineering Manager at Kion.

Start your cloud operations journey.

Request a demo today,