TABLE OF CONTENTS


Introduction

A user is someone who utilizes Aqua Platform functionality: via the UI, the REST APIs, or both. A user with an existing Aqua account can invite one or more new users to create new Aqua accounts. Sharing your account with other users enables you to build teams with different levels of access permissions.


User types

Privileges are assigned to users based on their user type. For example, a system administrator has complete access to all the resources, whereas a standard user has only read-only access.

  1. Standard users have read-only access to the Aqua accounts that are in the group(s) they belong to.
  2. Group Administrators can manage the group(s) they belong to, including the cloud accounts assigned to them. They can add and remove users to the group, trigger scans, and manage the cloud account details.
  3. System Administrators have the Administrator role; they have complete access to all Aqua account management operations and system resources. System administrators can use the Account Management settings to: 
    • Manage their Aqua account
    • Add and manage users
    • Create and manage groups
    • Create and manage roles
    • Define and manage application scopes
    • Define and manage permission sets
    • Map SSO groups to Aqua roles


See Aqua Administrator Accounts for more information.


Admin: Invite new user(s) to Aqua Platform

Adding one or more users begins with your sending them an invitation, as defined in this procedure.


One user


1. In the Aqua UI, navigate to Account Management > User Management > Users.

2. Click Add New and select User.



3. In the Add New User pop-up window:

  • Enter the email address of the new user. 
  • Optionally, set the System Admin toggle to enable System Admin privileges for the user (this can also be done later).
  • For non-admin users: Select the appropriate Role(s) and CSPM Group(s). (Admin users will be assigned the Administrator role and the Default group.)
        

 

4. Click Add User. The UI will display a notification like "Successfully invited user to the account".


Multiple users

You can invite up to 50 users by adding their email addresses simultaneously. The procedure is quite similar to the one described above.


1. In the Aqua UI, navigate to Account Management > User Management > Users.

2. Click Add New and select Bulk Users.

3. In the Add Bulk Users pop-up window:

  • Enter the email addresses of up to 50 new users in the User Emails field.
  • Optionally, set the System Admin toggle to enable System Admin privileges for all users (this can also be done later).
  • For non-admin users: Select the appropriate Role(s) and CSPM Group(s). (Admin users will be assigned the Administrator role and the Default group.)


4. Click Add User. The UI will display a notification like "All users were successfully saved".


New user: Accept the invitation


Users who are invited will receive an email from Aqua Security; it will look like this:



To accept the invitation, the user needs to click the link, as directed. This will open a webpage like the one shown below.

The user needs to enter and confirm their password, accept the EULA, and click Sign Up.



User management (Users screen)


In the Aqua UI, navigate to Account Management > User Management > UsersThe Users screen lists all users along with their attributes.


 

Besides adding new users, the actions described below are available from this screen.


Toggle Admin privileges for a user


Click the toggle switch in the Administrator column. Only an Admin can perform this action.


Delete users(s)


To delete one or more users, select them using the checkboxes on the left side of the Users screen, click Delete, and confirm the prompt to proceed.


Export user information


Click Export to export information for all users to a .csv file.