CloudBeaver offers several authentication methods. The administrator can set them when configuring CloudBeaver for the first time. Or it can be done later in the Administration Menu.
Users can work with CloudBeaver without authorization. Connections become available for anonymous access when the administrator:
creates connections in the Connection Management Menu and gives access to them for the User role (you can find more information for the roles at Role management article).
enables the Custom connections option in the Administration Menu. In this case connections can be configured on the main page by anonymous users and disappear after the session expirations.
It is the local name/password based authentication. The administrator has to create users in the Administration and grant them a role which will define users’ permissions (more information about users can be found at Users article).
CloudBeaver Enterprise Edition also supports AWS IAM and SAML authentication methods.
AWS IAM access
Amazon Web Services authentication allows users to authorize to CloudBeaver EE with IAM credentials. Once an IAM user is authorized to CloudBeaver instance, the appropriate user is created in the application with the User role by default (you can find more information about AWS IAM authentication at AWS IAM article).
Note: Local and AWS accounts, used during the first configuration of CloudBeaver EE instance, become associated with the administrator who configured it. It means that the administrator can login to the application with the local and the IAM credentials and a new user will not be created after using these IAM credentials.
SSO (Single Sign-On) authentication can be used for access to CloudBeaver EE. Once an SSO user is authorized to CloudBeaver instance, the appropriate user is created in the application with the User role by default (you can find more information about SSO authentication at Single Sign On article).
CloudBeaver Enterprise Edition for AWS supports AWS IAM and SAML authentication methods, but local and anonymous authentication are not available in it.