Cloud Infrastructure Entitlement Management (CIEM) Settings

Configure this feature if your application is intended to manage Azure Management Objects. This includes Management Groups, Subscriptions, Resource Groups, and Role assignments.

Important
You must have a SailPoint a Cloud Infrastructure Entitlement Management (CIEM) license to enable cloud governance features. Contact your SailPoint Customer Success Manager to request access. If you want more information on CIEM Cloud Governance, refer to CIEM Cloud Governance Overview.

Prerequisites

Before enabling CIEM and adding your instance IDs, you need to configure Azure and Microsoft Entra ID. For more information on these steps, refer to Configuring Azure and Microsoft Entra ID.

To configure CIEM, complete the following: 

1. Go to CIEM Settings.

2. Select Enable Cloud Infrastructure Entitlement Management (CIEM) to manage Azure Management Objects, which include Management Groups, Subscriptions, Resource Groups, and Role Assignments.

3. Enter up to 250 Instance IDs, separated by a comma. These are the Application IDs used to resolve Microsoft Entra ID accounts with federated IAM roles with AWS. For more information, refer to the Microsoft Entra ID documentation.

4. Select Save.