☑️Getting Started
First steps with the core authorization platform
Welcome to Veza, your unified access control platform for data governance, data access management, cloud entitlements, privileged access, and much more.
This page is intended to introduce important features and help you get started implementing and operationalizing Veza for your environments and teams. You will learn how to enable external integrations and begin leveraging Access Intelligence, Access Search, and Access Reviews.
See the following sections for details:
Configure Veza to discover enterprise resources
To fully make use of Veza, you will first need to integrate the Identity, Cloud, and application providers used by your organization. Veza will periodically connect to these application providers and data sources to populate the Authorization Graph and build your Entity Catalog.
To add integrations, open the Integrations page, and click Add Integration. For more details, see Veza Integrations and Configuring Integrations. You can learn more about the requirements for each integration in the related setup guide.
Identity Providers
Configure the services used by your organization for identity management and authentication:
Cloud Providers
Configure your organizations cloud providers to discover identities, services, and resources:
Apps and Data Systems
Integrate additional applications with built-in connectors, or Open Authorization API (OAA) for custom data sources:
Explore your Entity Catalog
Veza builds a catalog of all your entities across identity providers, cloud providers, apps, and data systems. You can review all of these on the Data Catalog > Entities page. Choose data sources on the left panel to view all the entity types Veza has discovered, and click an entity type to bring up a list of those entities in the Query Builder, where you can view additional attributes and details.
The metadata Veza discovers includes Tags from cloud providers (AWS tags, GCP labels, etc.) You can also create and apply Veza tags to identify sensitive cloud data assets across multiple providers and applications. Open the Data Catalog > Tags page to see the tags Veza has already discovered.
Leverage built-in and customized Access Intelligence
Veza ships with hundreds of out-of-the-box assessment queries to provide rapid insight into risks, anomalies, and the overall state of authorization within integrated systems.
The main Dashboards page showcases some of these top risks and important metrics. You can customize which assessments appear on the home page, and dig into Reports to review additional insights based on integration type or query category. Then, try creating a custom report to capture data access trends and track risks for your organization.
See the Insights overview for more information about Risks, Rules, and the Analysis section.
Search and query for who has access to any resource
Veza discovers the connections between entities in the Authorization Graph and makes these relationships searchable with a visual Graph search and flexible Query Builder.
You can use these Access Search features to explore the different types of entities in the Data Catalog. To get started, go to the Saved Queries page, and try opening some out-of-the-box assessments in the Query Builder to fine-tune them based on your organization's priorities and unique environments.
Search for a single entity (such as an Okta User or Snowflake Database) using the Graph search bar to show all the connections Veza has found.
Specify a source and destination entity in Query Builder to find all entities of the source type with a relationship to entities of the destination type.
Apply filters on any of the entity attributes Veza has discovered to narrow your search using rich metadata such as user
department,manager, orlast activity date.
See the Search overview for more information about the Graph and Query Builder search interfaces.
Create Access Review Workflows
Veza Access Reviews enable repeatable, granular, and integrated certification campaigns, whether conducted by a single auditor, or involving collaborators from many departments and teams. Open the Workflows page to create and manage access review workflows for user access reviews, privileged access reviews, entitlement management, role management, identity lifecycle, and more.
Depending on the business and compliance requirements, Workflows can audit user access to data, resource entitlements, roles, groups, and policies, or any other source -> destination relationship discovered by Veza.
After creating a Workflow to define the scope of an access review, administrators and operators can create and schedule Certifications, and assign the results to individual managers or resource managers for review and attestation.
See Veza Workflows for more information about creating a Workflow and starting and reviewing Certifications.
Operationalize Veza for your users and teams
Veza is designed to support collaboration between users and teams, and integration with external systems and workflows. Once you've familiarized yourself with the platform, you can invite your team, enable outbound actions and alerts, and enable advanced functionality:
Configure notifications in other enterprise apps such as Jira, Slack, and ServiceNow.
Enable SAML Single Sign On for your identity provider.
Invite and manage users and create [teams for role-based access control](aadministration/users/teams.md.
Create Alert Rules to get notifications when thresholds and conditions are met.
Explore and customize administrative settings for Access Workflows.
Enable Activity Monitoring for supported integrations.
Last updated
