# Aembit Documentation > Aembit is a Workload Identity and Access Management (IAM) platform that secures interactions between applications and > APIs. It manages access between client workloads (applications that need access) and server workloads (services being > accessed) through configurable policies, trust providers, and credential providers. ## Key Concepts - **Workload IAM**: Identity and access management for workloads (applications, APIs, services) - **Client Workloads**: Applications that access services - **Server Workloads**: Applications that serve requests - **Access Policies**: Rules determining when access is granted - **Trust Providers**: Third-party systems that attest to workload identities - **Access Conditions**: Criteria like security posture or location - **Credential Providers**: Systems that supply authentication credentials ## Get Started - [Conceptual overview](/get-started/concepts): This page provides a high-level conceptual overview of Aembit and its components - [Access Conditions overview](/get-started/concepts/access-conditions): Description of Access Conditions and how they work - [Access Policies overview](/get-started/concepts/access-policies): Description of Access Policies, their components, and how they work - [Aembit administration](/get-started/concepts/administration): Discover Aembit's administration capabilities - [About Aembit Cloud](/get-started/concepts/aembit-cloud): A high-level overview of Aembit Cloud's purpose and its features - [About Aembit Edge](/get-started/concepts/aembit-edge): A high-level overview of Aembit Edge's purpose and its features - [Auditing and reporting](/get-started/concepts/audit-report): A high-level overview of Aembit's auditing and reporting capabilities - [Client Workloads](/get-started/concepts/client-workloads): Client Workloads overview - [Credential Providers overview](/get-started/concepts/credential-providers): Overview of Credential Providers and their role in Aembit - [Scaling Aembit with Terraform](/get-started/concepts/scaling-terraform): Description of how to scale with the Aembit Terraform provider - [Server Workloads overview](/get-started/concepts/server-workloads): Overview of Server Workloads and their role in Aembit - [Trust Providers overview](/get-started/concepts/trust-providers): Overview of Trust Providers and their role in Aembit - [Proof of Concept](/get-started/customer-poc): This page provides customers with the steps needed to evaluate Aembit's platform and product - [How Aembit works](/get-started/how-aembit-works): Aembit's core concepts and how they work - [Quickstart: Access Policy enhancements](/get-started/quickstart/quickstart-access-policy): Enhancing the Aembit quickstart guide to set up a Trust Provider, Access Conditions, and reporting - [Quickstart: Aembit core setup](/get-started/quickstart/quickstart-core): Aembit's quickstart guide - practical experience automating and securing access between workloads - [Aembit security posture](/get-started/security-posture): Description of ow Aembit approaches, implements, and maintains security - [Aembit software architecture](/get-started/security-posture/architecture): Explanation and illustration of Aembit's software architecture - [Security compliance](/get-started/security-posture/security-compliance): Overview of Aembit's security posture and compliance - [Aembit in your threat model](/get-started/security-posture/threat-model): How and where Aembit fits into your threat model - [Aembit tutorials overview](/get-started/tutorials): Learn about how to configure, deploy, and scale Aembit - [Tutorial - Deploying on Kubernetes](/get-started/tutorials/tutorial-k8s): Tutorial explaining how to deploy Aembit Edge Components on Kubernetes - [Tutorial - Scaling with the Aembit Terraform provider](/get-started/tutorials/tutorial-terraform): Tutorial explaining how to scale Aembit with the Aembit Terraform provider - [Tutorial - Deploying on virtual machines](/get-started/tutorials/tutorial-vms): Tutorial explaining how to deploy Aembit Edge Components on virtual machines - [Aembit use cases](/get-started/use-cases): This page describes common use cases for Aembit - [Using Aembit in CI/CD environments](/get-started/use-cases/ci-cd): How Aembit secures NHI access in CI/CD environments - [Using Aembit to manage credentials](/get-started/use-cases/credentials): How Aembit enables you to centrally manage and control credentials in your environments - [Using Aembit to secure your microservices](/get-started/use-cases/microservices-security): How Aembit secures NHI access between microservices - [Using Aembit in multicloud environments](/get-started/use-cases/multicloud): How Aembit secures NHI access in multicloud environments - [Using Aembit to secure third-party access](/get-started/use-cases/third-party-access): How Aembit secures third-party access to your environment ## User Guide/deploy Install - [About the Aembit Agent Controller](/user-guide/deploy-install/about-agent-controller): About the Aembit Agent Controller and how it works - [About the Aembit Agent Proxy](/user-guide/deploy-install/about-agent-proxy): About the Aembit Agent Proxy and how it works - [About Colocating Aembit Edge Components](/user-guide/deploy-install/about-colocating-edge-components): Considerations and best practices if colocating Aembit Edge Components - [Advanced deployment options](/user-guide/deploy-install/advanced-options): Advanced deployment options for Aembit deployments - [Aembit Edge Prometheus-compatible metrics](/user-guide/deploy-install/advanced-options/aembit-edge-prometheus-compatible-metrics): How to view Aembit Edge Prometheus-compatible metrics - [Agent Controller High Availability](/user-guide/deploy-install/advanced-options/agent-controller/agent-controller-high-availability): How to install and configure Agent Controllers in a high availability configuration - [Configure Agent Controller TLS with Aembit's PKI](/user-guide/deploy-install/advanced-options/agent-controller/configure-aembit-pki-agent-controller-tls): How to configure Agent Controller TLS with Aembit's PKI in Kubernetes and Virtual Machine deployments - [Configure a custom PKI-based Agent Controller TLS](/user-guide/deploy-install/advanced-options/agent-controller/configure-customer-pki-agent-controller-tls): How to configure a custom PKI-based Agent Controller TLS in Kubernetes and Virtual Machine deployments - [How to create an Agent Controller](/user-guide/deploy-install/advanced-options/agent-controller/create-agent-controller) - [How to shutdown Agent Proxy using HTTP](/user-guide/deploy-install/advanced-options/agent-proxy/agent-proxy-shutdown): How to shut down the Agent Proxy using HTTP - [Agent Proxy termination strategy](/user-guide/deploy-install/advanced-options/agent-proxy/agent-proxy-termination-strategy): Learn about Agent Proxy's termination strategies across different environments and how to configure the AEMBIT_SIGTERM_STRATEGY variable - [AWS Relational Database Service (RDS) Certificates](/user-guide/deploy-install/advanced-options/agent-proxy/aws-rds): How to install AWS RDS Certificate to Agent Proxy to make it trust the AWS RDS Certificate - [How to configure explicit steering](/user-guide/deploy-install/advanced-options/agent-proxy/explicit-steering): How to use the Explicit Steering feature to direct specific traffic to the Agent Proxy - [About traffic steering methods](/user-guide/deploy-install/advanced-options/agent-proxy/steering): How different traffic steering methods and how to configure them for various deployment models - [How to change Edge Component log levels](/user-guide/deploy-install/advanced-options/changing-agent-log-levels): How to change the log levels of Aembit's Edge Components - [About TLS Decrypt](/user-guide/deploy-install/advanced-options/tls-decrypt): Overview of how TLS Decrypt works - [About Standalone CA for TLS Decrypt](/user-guide/deploy-install/advanced-options/tls-decrypt/about-tls-decrypt-standalone-ca): How to configure TLS Decrypt with a Standalone CA - [Configure TLS Decrypt](/user-guide/deploy-install/advanced-options/tls-decrypt/configure-tls-decrypt): How to configure TLS Decrypt when using HTTPS or Redis over TLS - [How to configure a Standalone CA](/user-guide/deploy-install/advanced-options/tls-decrypt/configure-tls-decrypt-standalone-ca): How to configure Standalone CA for TLS Decrypt - [How to trust certificates issued by private CAs](/user-guide/deploy-install/advanced-options/trusting-private-cas): How to configure Aembit Edge components to trust certificates issued by private CAs - [Aembit Components and Packages](/user-guide/deploy-install/components-packages): Comparison of Aembit components and packages - [Edge Component container image best practices](/user-guide/deploy-install/container-image-best-practices): Best practices for deploying official Aembit container images - [How to deploy to Kubernetes](/user-guide/deploy-install/kubernetes/kubernetes): How to deploy Aembit Edge Components in a Kubernetes environment - [Aembit Edge on serverless services](/user-guide/deploy-install/serverless): Guides and topics about deploying Aembit Edge Components on serverless services functions and CI/CD - [Deploying to AWS ECS Fargate](/user-guide/deploy-install/serverless/aws-ecs-fargate): How to deploy Aembit Edge Components in a ECS Fargate environment - [AWS EKS Fargate](/user-guide/deploy-install/serverless/aws-eks-fargate): Aembit Edge Component deployment considerations in an EKS Fargate environment - [AWS Lambda Container](/user-guide/deploy-install/serverless/aws-lambda-container): This page describes the steps required to deploy Aembit Edge Components in an AWS Lambda container environment. - [GitHub Actions](/user-guide/deploy-install/serverless/github-actions): This page describes the steps required to deploy Aembit Edge Components in a GitHub environment. - [GitLab Jobs](/user-guide/deploy-install/serverless/gitlab-jobs): This page describes the steps required to deploy Aembit Edge Components in a GitLab environment. - [Aembit Edge on virtual appliances](/user-guide/deploy-install/virtual-appliances): Guides and topics about deploying Aembit Edge Components on virtual appliances - [Virtual Appliance](/user-guide/deploy-install/virtual-appliances/virtual-appliance): This page describes the steps required to deploy the Aembit Edge components as a virtual appliance. - [Deploying Aembit Edge on VMs](/user-guide/deploy-install/virtual-machine): Guides and topics about deploying Aembit Edge Components on virtual machines (VMs) - [How to set up Agent Controller on Linux](/user-guide/deploy-install/virtual-machine/linux/agent-controller-install-linux): How to set up Aembit Agent Controller on Linux - [How to set up Agent Proxy on a Linux VM](/user-guide/deploy-install/virtual-machine/linux/agent-proxy-install-linux): How to set up Aembit Agent Proxy on a Linux virtual machine (VM) - [How to configure Agent Proxy on SELinux or RHEL](/user-guide/deploy-install/virtual-machine/linux/agent-proxy-selinux-config): How configure Agent Proxy on SELinux or RedHat Enterprise Linux (RHEL) - [How to set up Agent Controller on Windows Server](/user-guide/deploy-install/virtual-machine/windows/agent-controller-install-windows): How to set up Aembit Agent Controller on Windows Server - [How to set up Agent Proxy on Windows Server](/user-guide/deploy-install/virtual-machine/windows/agent-proxy-install-windows): How to set up Aembit Agent Proxy on Windows Server ## User Guide/discovery - [Managing discovered workloads](/user-guide/discovery/managing-discovered-workloads): How to manage workloads found through Aembit Discovery - [Discovery Sources overview](/user-guide/discovery/sources): Available Discovery Sources in Aembit - [Aembit Edge Discovery Source](/user-guide/discovery/sources/aembit-edge): How Aembit discovers workloads using the Aembit Edge Discovery Source - [Wiz Discovery Source](/user-guide/discovery/sources/wiz): How Aembit discovers workloads using the Wiz Discovery Source ## User Guide/access Policies - [Access Conditions](/user-guide/access-policies/access-conditions): This document provides a high-level description of Access Conditions - [Access Conditions for GeoIP Restriction](/user-guide/access-policies/access-conditions/aembit-geoip): This document provides a description on how to setup and configure an Access Condition for a GeoIP Restriction. - [Aembit Time Condition](/user-guide/access-policies/access-conditions/aembit-time-condition): This page describes how to create an Access Condition for a specific Time Condition. - [Access Condition for CrowdStrike](/user-guide/access-policies/access-conditions/crowdstrike): This page describes how to create an Access Condition for a CrowdStrike integration. - [Access Condition integrations overview](/user-guide/access-policies/access-conditions/integrations): Overview of Access Condition integrations and how they work - [CrowdStrike Integration](/user-guide/access-policies/access-conditions/integrations/crowdstrike): This page describes how to integrate CrowdStrike with Aembit. - [Wiz Integration](/user-guide/access-policies/access-conditions/integrations/wiz): This page describes how to integrate Wiz with Aembit. - [Access Condition for Wiz](/user-guide/access-policies/access-conditions/wiz): This page describes how to create an Access Condition for a Wiz integration. - [Access Policy advanced options](/user-guide/access-policies/advanced-options): Advanced options for Aembit Access Policies - [Scaling Aembit with Terraform](/user-guide/access-policies/advanced-options/terraform): Information and guides about scaling Aembit with Terraform - [Configuration with Terraform](/user-guide/access-policies/advanced-options/terraform/terraform-configuration): How to use the Aembit Terraform Provider to configure Aembit Cloud resources - [Client Workloads](/user-guide/access-policies/client-workloads): This document provides a high-level description of Client Workloads - [Client Workload Identification](/user-guide/access-policies/client-workloads/identification): This document provides a high-level description of Client Workload Identification - [Aembit Client ID](/user-guide/access-policies/client-workloads/identification/aembit-client-id): This document outlines the Aembit Client ID method for identifying Client Workloads. - [AWS Lambda ARN](/user-guide/access-policies/client-workloads/identification/aws-lambda-arn): This document outlines how to identify Client Workloads using AWS Lambda ARN for AWS Lambda container deployments. - [Client Workload multiple identifiers](/user-guide/access-policies/client-workloads/identification/client-workload-multiple-ids): This page describes how to use multiple client identifiers for identifying Client Workloads. - [GitHub ID Token Repository](/user-guide/access-policies/client-workloads/identification/github-id-token-repository): This page describes how the GitHub ID Token Repository method identifies Client Workloads in Aembit. - [GitHub ID Token Subject](/user-guide/access-policies/client-workloads/identification/github-id-token-subject): This page describes how the GitHub ID Token Subject method identifies Client Workloads in Aembit. - [GitLab ID Token Namespace Path](/user-guide/access-policies/client-workloads/identification/gitlab-id-token-namespace-path): This page describes how the GitLab ID Token Namespace Path method identifies Client Workloads in Aembit. - [GitLab ID Token Project Path](/user-guide/access-policies/client-workloads/identification/gitlab-id-token-project-path): This page describes how the GitLab ID Token Project Path method identifies Client Workloads in Aembit. - [GitLab ID Token Ref Path](/user-guide/access-policies/client-workloads/identification/gitlab-id-token-ref-path): This page describes how the GitLab ID Token Ref Path method identifies Client Workloads in Aembit. - [GitLab ID Token Subject](/user-guide/access-policies/client-workloads/identification/gitlab-id-token-subject): This page describes how the GitLab ID Token Subject method identifies Client Workloads in Aembit. - [Hostname](/user-guide/access-policies/client-workloads/identification/hostname): This document describes how the Hostname method identifies Client Workloads in Aembit for Virtual Machine deployments. - [Kubernetes Pod Name](/user-guide/access-policies/client-workloads/identification/kubernetes-pod-name): This document describes how the Kubernetes Pod Name Prefix method identifies Client Workloads in Aembit. - [Kubernetes Pod Name Prefix](/user-guide/access-policies/client-workloads/identification/kubernetes-pod-name-prefix): This document describes how the Kubernetes Pod Name Prefix method identifies Client Workloads in Aembit. - [Process Name](/user-guide/access-policies/client-workloads/identification/process-name): This document describes how the Process Name method identifies Client Workloads in Aembit for Virtual Machine deployments. - [Credential Providers](/user-guide/access-policies/credential-providers): This document provides a high-level description of Credential Providers - [Configure Dynamic Claims](/user-guide/access-policies/credential-providers/advanced-options/dynamic-claims): This page describes the dynamic claims feature. - [Configure multiple Credential Providers](/user-guide/access-policies/credential-providers/advanced-options/multiple-credential-providers): How to configure multiple Credential Providers to map to an Access Policy - [Configure multiple Credential Providers with Aembit's Terraform Provider](/user-guide/access-policies/credential-providers/advanced-options/multiple-credential-providers-terraform): How to configure multiple Credential Providers to map to an Aembit Terraform Provider - [Configure an Aembit Access Token Credential Provider](/user-guide/access-policies/credential-providers/aembit-access-token): How to create and use an Aembit Access Token Credential Provider - [Configure an API Key Credential Provider](/user-guide/access-policies/credential-providers/api-key): How to create and use an API Key Credential Provider - [Configure an AWS STS Federation Credential Provider](/user-guide/access-policies/credential-providers/aws-security-token-service-federation): How to add and use the AWS Security Token Service (STS) Federation Credential Provider with Server Workloads - [How Aembit uses AWS SigV4 and SigV4a](/user-guide/access-policies/credential-providers/aws-sigv4): How Aembit's Credential Provider for AWS STS works with the AWS SigV4 and Sigv4a request signing protocols - [Configure an Azure Entra WIF Credential Provider](/user-guide/access-policies/credential-providers/azure-entra-workload-identity-federation): This page describes the Azure Entra Workload Identity Federation (WIF) Credential Provider and its usage with Server Workloads. - [Configure a Google GCP WIF Credential Provider](/user-guide/access-policies/credential-providers/google-workload-identity-federation): How to create a Google GCP Workload Identity Federation (WIF) Credential Provider - [Credential Provider integrations overview](/user-guide/access-policies/credential-providers/integrations): An overview of what Credential Provider integrations are and how they work - [Create a GitLab Service Account Integration for a GitLab.com plan"](/user-guide/access-policies/credential-providers/integrations/gitlab): How to create a GitLab Service Account Credential Provider Integration using a GitLab.com plan - [Create a GitLab Service Account Integration for a Dedicated/Self-Managed instance](/user-guide/access-policies/credential-providers/integrations/gitlab-dedicated-self): How to create a GitLab Service Account Credential Provider Integration using a GitLab Dedicated or Self-Managed instance - [Configure a JSON Web Token (JWT) Credential Provider](/user-guide/access-policies/credential-providers/json-web-token): How to create and use a JSON Web Token (JWT) Credential Provider - [Configure a Managed GitLab Account Credential Provider](/user-guide/access-policies/credential-providers/managed-gitlab-account): How to create and use a Managed GitLab Account Credential Provider - [Configure OAuth 2.0 Authorization Code Credential Provider](/user-guide/access-policies/credential-providers/oauth-authorization-code): How to create and use an OAuth 2.0 Authorization Code Credential Provider - [Configure an OAuth 2.0 Client Credentials Credential Provider](/user-guide/access-policies/credential-providers/oauth-client-credentials): How to create and use an OAuth 2.0 Client Credentials Credential Provider - [Configure a Username & Password Credential Provider](/user-guide/access-policies/credential-providers/username-password): How to create and use a Username & Password Credential Provider - [Configure a HashiCorp Vault Client Token Credential Provider](/user-guide/access-policies/credential-providers/vault-client-token): How to configure a Credential Provider for HashiCorp Vault Client Token - [Server Workloads](/user-guide/access-policies/server-workloads): This document provides a high-level description of Server Workloads - [Server Workloads](/user-guide/access-policies/server-workloads/guides): This document provides a high-level description of Server Workloads - [Aembit API](/user-guide/access-policies/server-workloads/guides/aembit): This page describes how to configure Aembit to enable a Client Workload to authenticate and interact with the Aembit API. - [Apigee](/user-guide/access-policies/server-workloads/guides/apigee): This page describes how to configure Aembit to work with the Apigee Server Workload. - [Atlassian](/user-guide/access-policies/server-workloads/guides/atlassian): This page describes how to configure Aembit to work with the Atlassian Server Workload. - [Amazon RDS for MySQL](/user-guide/access-policies/server-workloads/guides/aws-mysql): This page describes how to configure Aembit to work with the Amazon RDS for MySQL Server Workload. - [Amazon RDS for PostgreSQL](/user-guide/access-policies/server-workloads/guides/aws-postgres): This page describes how to configure Aembit to work with with the Amazon RDS for PostgreSQL Server Workload. - [Amazon Redshift](/user-guide/access-policies/server-workloads/guides/aws-redshift): This page describes how to configure Aembit to work with the Amazon Redshift Server Workload. - [Beyond Identity](/user-guide/access-policies/server-workloads/guides/beyond-identity): This page describes how to configure Aembit to work with the Beyond Identity Server Workload. - [Box](/user-guide/access-policies/server-workloads/guides/box): This page describes how to configure Aembit to work with the Box Server Workload. - [Claude](/user-guide/access-policies/server-workloads/guides/claude): This page describes how to configure Aembit to work with the Claude Server Workload. - [Databricks](/user-guide/access-policies/server-workloads/guides/databricks): This page describes how to configure Aembit to work with the Databricks Server Workload. - [Freshsales](/user-guide/access-policies/server-workloads/guides/freshsales): This page describes how to configure Aembit to work with the Freshsales Server Workload. - [GCP BigQuery](/user-guide/access-policies/server-workloads/guides/gcp-bigquery): This page describes how to configure Aembit to work with the GCP BigQuery Server Workload. - [Gemini (Google)](/user-guide/access-policies/server-workloads/guides/gemini): This page describes how to configure Aembit to work with the Gemini Server Workload - [GitGuardian](/user-guide/access-policies/server-workloads/guides/gitguardian): This page describes how to configure Aembit to work with the GitGuardian Server Workload. - [GitHub REST](/user-guide/access-policies/server-workloads/guides/github-rest): This page describes how to configure Aembit to work with the GitHub REST API Server Workload. - [GitLab REST](/user-guide/access-policies/server-workloads/guides/gitlab-rest): This page describes how to configure Aembit to work with the GitLab REST API Server Workload. - [Google Drive](/user-guide/access-policies/server-workloads/guides/google-drive): This page describes how to configure Aembit to work with the Google Drive Server Workload. - [HashiCorp Vault](/user-guide/access-policies/server-workloads/guides/hashicorp-vault): This page describes how to configure Aembit to work with the HashiCorp Vault Server Workload. - [AWS Key Management Service (KMS)](/user-guide/access-policies/server-workloads/guides/kms): This page describes how to configure Aembit to work with the AWS KMS server workload. - [Local MySQL](/user-guide/access-policies/server-workloads/guides/local-mysql): This page describes how to configure Aembit to work with the local MySQL Server Workload. - [Local PostgreSQL](/user-guide/access-policies/server-workloads/guides/local-postgres): This page describes how to configure Aembit to work with the local PostgreSQL Server Workload. - [Local Redis](/user-guide/access-policies/server-workloads/guides/local-redis): This page describes how to configure Aembit to work with the local Redis Server Workload. - [Looker Studio](/user-guide/access-policies/server-workloads/guides/looker-studio): This page describes how to configure Aembit to work with the Looker Studio Server Workload. - [Microsoft Graph](/user-guide/access-policies/server-workloads/guides/microsoft-graph): This page describes how to configure Aembit to work with the Microsoft Graph Server Workload. - [Okta](/user-guide/access-policies/server-workloads/guides/okta): This page describes how to configure Aembit to work with the Okta Server Workload. - [ChatGPT (OpenAI)](/user-guide/access-policies/server-workloads/guides/openai): This page describes how to configure Aembit to work with the OpenAI Server Workload - [PagerDuty](/user-guide/access-policies/server-workloads/guides/pagerduty): This page describes how to configure Aembit to work with the PagerDuty Server Workload. - [PayPal](/user-guide/access-policies/server-workloads/guides/paypal): This page describes how to configure Aembit to work with the PayPal Server Workload. - [Salesforce REST](/user-guide/access-policies/server-workloads/guides/salesforce-rest): This page describes how to configure Aembit to work with the Salesforce REST Server Workload. - [Sauce Labs](/user-guide/access-policies/server-workloads/guides/saucelabs): This page describes how to configure Aembit to work with the Sauce Labs Server Workload. - [Slack](/user-guide/access-policies/server-workloads/guides/slack): This page describes how to configure Aembit to work with the Slack Server Workload. - [Snowflake](/user-guide/access-policies/server-workloads/guides/snowflake): This page describes how to configure Aembit to work with the Snowflake Server Workload. - [Snyk](/user-guide/access-policies/server-workloads/guides/snyk): This page describes how to configure Aembit to work with the Snyk Server Workload. - [Stripe](/user-guide/access-policies/server-workloads/guides/stripe): This page describes how to configure Aembit to work with the Stripe Server Workload. - [Enable TLS on a Server Workload](/user-guide/access-policies/server-workloads/server-workload-enable-tls): How to enable TLS on a Server Workload - [Trust Providers](/user-guide/access-policies/trust-providers): This document provides a high-level description of Trust Providers - [Add Trust Provider](/user-guide/access-policies/trust-providers/add-trust-provider): This document describes the steps required to configure a Trust Provider for Client Workload identity attestation. - [AWS Metadata Service trust provider](/user-guide/access-policies/trust-providers/aws-metadata-service-trust-provider): This page describes the steps required to configure an AWS Metadata Service Trust Provider. - [AWS Role Trust Provider](/user-guide/access-policies/trust-providers/aws-role-trust-provider): This page describes the steps needed to configure the AWS Role Trust Provider. - [Azure Metadata Service trust provider](/user-guide/access-policies/trust-providers/azure-metadata-service-trust-provider): This page describes the steps required to configure the Azure Metadata Service Trust Provider. - [GCP Identity Token Trust Provider](/user-guide/access-policies/trust-providers/gcp-identity-token-trust-provider): This page describes the steps required to configure the GCP Identity Token Trust Provider. - [GitHub Trust Provider](/user-guide/access-policies/trust-providers/github-trust-provider): This page outlines the steps required to configure the GitHub Trust Provider. - [Gitlab Trust Provider](/user-guide/access-policies/trust-providers/gitlab-trust-provider): This page outlines the steps required to configure the Gitlab Trust Provider. - [Kerberos Trust Provider](/user-guide/access-policies/trust-providers/kerberos-trust-provider): How to configure a Kerberos Trust Provider - [Kubernetes Service Account trust provider](/user-guide/access-policies/trust-providers/kubernetes-service-account-trust-provider): This page describes the steps required to configure the Kubernetes Service Account Trust Provider. - [Terraform Cloud Identity Token Trust Provider](/user-guide/access-policies/trust-providers/terraform-cloud-identity-token-trust-provider): This page describes the steps required to configure the Terraform Cloud Identity Token Trust Provider. ## User Guide/audit Report - [Access Authorization Events](/user-guide/audit-report/access-authorization-events): This page describes how users can review access authorization event information in Aembit Reporting. - [How to review Audit Logs](/user-guide/audit-report/audit-logs): How to review Audit Log information in the Reporting Dashboard ## User Guide/administration - [Admin dashboard overview](/user-guide/administration/admin-dashboard): This page describes the different views and dashboards on the Aembit Admin Dashboard - [Discovery overview](/user-guide/administration/discovery) - [Create a Wiz Discovery Integration](/user-guide/administration/discovery/integrations/wiz): How to create a Wiz Discovery Integration - [Identity Providers overview](/user-guide/administration/identity-providers): Description of what Identity Providers are and how they work in the Aembit UI - [How to configure Single Sign On automatic user creation](/user-guide/administration/identity-providers/automatic-user-creation): How to configure SSO automatic user creation through an identity provider - [How to create an Identity Provider](/user-guide/administration/identity-providers/creating-identity-providers): How to create an Identity Provider - [Log Stream overview](/user-guide/administration/log-streams): Description of what Log Streams are and how to capture and archive log information - [Create a AWS S3 Log Stream](/user-guide/administration/log-streams/aws-s3): This page describes how to create a new Log Stream to an AWS S3 Bucket - [Create a Google Cloud Storage Bucket Log Stream](/user-guide/administration/log-streams/gcs-bucket): This page describes how to create a new Log Stream to an Google Cloud Storage (GCS) Bucket - [Resource Sets overview](/user-guide/administration/resource-sets): Description of what Resource Sets are and how they work - [How to add a resource to a Resource Set](/user-guide/administration/resource-sets/adding-resources-to-resource-set): How to add resources to a Resource Set - [How to assign a role to a Resource Set](/user-guide/administration/resource-sets/assign-roles): How to assign a role for a Resource Set - [How to create a Resource Set](/user-guide/administration/resource-sets/creating-resource-sets): How to create a Resource Set - [How to deploy a Resource Set](/user-guide/administration/resource-sets/deploying-resource-sets): How to deploy a Resource Set - [Roles overview](/user-guide/administration/roles): Description of Aembit roles and how they work - [Add a role](/user-guide/administration/roles/add-roles): How to create a new Role in the Aembit Tenant - [Sign-On Policy overview](/user-guide/administration/sign-on-policy): Description of what Sign-On Policies are and how they work - [Users overview](/user-guide/administration/users): This page provides a high-level description of users - [How to add a user](/user-guide/administration/users/add-user): How to add a user to your Aembit tenant ## User Guide/troubleshooting - [Agent Controller Health](/user-guide/troubleshooting/agent-controller-health): This page describes steps for troubleshooting issues with Agent Controller health. - [Agent Proxy Connectivity](/user-guide/troubleshooting/agent-proxy-connectivity): This page describes steps for investigating and troubleshooting issues with Agent Proxy connectivity. - [Agent Proxy Debug Network Tracing](/user-guide/troubleshooting/agent-proxy-debug-network-tracing): This page describes how you can utilize the Agent Proxy Debug Network Tracing feature to capture and record network traffic in a Virtual Machine deployment. - [Tenant Configuration](/user-guide/troubleshooting/tenant-configuration): This page describes steps for troubleshooting an Aembit Tenant misconfiguration. - [Checking Tenant Health](/user-guide/troubleshooting/tenant-health-check): This page describes how to check the health of the Aembit Cloud components.