This page provides an of all administrative capabilities available in your Aembit Tenant.
Admin dashboard
Section titled “Admin dashboard”The Admin dashboard serves as your command center for monitoring the health and activity of your Aembit deployment. It provides real-time visibility into workload connections, credential usage, and potential security issues. This visibility allows you to identify and address operational concerns.
The Admin dashboard provides:
-
Summary metrics for configured workloads and entities
-
Workload event history with severity indicators
-
Client and Server Workloads connection metrics
-
Credential usage analytics
-
Application protocol distribution
-
Access condition failure monitoring
User management
Section titled “User management”User management in Aembit allows you to control who can access your Aembit Tenant and what actions they can perform. This capability is essential for implementing the principle of least privilege and making sure you have proper separation of duties within your organization.
User management features include:
-
Add users with specific roles and contact information
-
Configure external authentication options
-
Manage user credentials and access rights
Roles and permissions
Section titled “Roles and permissions”Aembit’s role-based access control system allows you to create customized roles with precise permissions. This enables you to delegate administrative responsibilities without granting excessive privileges. This granular approach to access control helps maintain security while supporting collaborative administration.
Role-based access control provides:
-
Create specialized roles beyond default SuperAdmin and Auditor
-
Configure granular permissions for each role
-
Integrate with Resource Sets for multi-tenancy
Identity providers
Section titled “Identity providers”Identity provider integration allows you to leverage your existing identity infrastructure with Aembit. By connecting your corporate identity provider, you can make sure consistent authentication policies across your organization. This integration simplifies user management through automatic provisioning and role mapping.
Identity provider integration enables:
-
Connect with SAML 2.0 providers (Okta, Google, Microsoft Entra ID)
-
Enable Single Sign-On (SSO) authentication
-
Configure SSO automatic user creation for new users
Resource Sets
Section titled “Resource Sets”Resource Sets provide powerful multi-tenancy capabilities, allowing you to segment your Aembit environment for different teams, applications, or business units. This isolation makes sure administrators can only manage resources within their assigned domains. It supports organizational boundaries while maintaining centralized oversight.
Resource Sets allow you to:
-
Add workloads and resources to specific sets
-
Assign roles for managing each Resource Set
-
Deploy Resource Sets using specific methods
Log streams
Section titled “Log streams”Log streams extend Aembit’s audit and monitoring capabilities by forwarding logs to external systems. This enables long-term storage, analysis, and compliance reporting. The integration with your existing security monitoring infrastructure allows Aembit activity to become part of your organization’s overall security operations.
Log streams allow you to:
-
Forward logs to AWS S3 buckets
-
Export logs to Google Cloud Storage
-
Configure multiple stream types for different log categories
Sign-on policy
Section titled “Sign-on policy”Sign-on policy controls how administrators authenticate to the Aembit platform. This central configuration point allows you to enforce strong authentication requirements. It makes sure that access to this privileged system follows your organization’s security standards.
The Sign-on policy page allows you to:
-
Configure SSO enforcement requirements
-
Set up multi-factor authentication policies
-
Manage authentication grace periods