Managing Cloud Access Roles


Cloud access roles (CARs) are console access roles for your AWS or Azure console/portal. You can read more about CARs and how they apply across your organization in the What is a Cloud Access Role? article.

To add a new CAR, see Add a Cloud Access Role to a Project or Add a Cloud Access Role to an OU.

Viewing and Editing Cloud Access Roles

To view which cloud access roles are applied on an OU or project:

  1. Click the name of the project or OU you wish to view in the project/OU list to access its details page.
  2. On the project/OU details page, click on the Cloud Management.
  3. Click on the Cloud Access Roles sub-tab. A list of cloud access roles for the project/OU will be displayed. From this screen, you can click Add to add a new cloud access role.


After navigating to a project/OU's Cloud Acess Roles sub-tab, click the name of a cloud access role to view its details, including the name, access type, AWS IAM role name, origin, and any objects associated with it. The AWS IAM Policies section will show whether IAM policies are applied as permissions boundaries or permissions policies in the Used As section.

Click the ellipsis menu button on this screen for options to Edit or Delete the CAR.

Was this article helpful?
0 out of 0 found this helpful