Abstract: Techniques for managing privileged accounts via a privileged access management service are provided. In some examples, the service may be configured with a plug-in framework for accessing secure resources. In some aspects, a log-in request that includes authentication information and corresponds to the service may be received. Session access to at least one secure resource may be provided when a user is authenticated. In some examples, a request to perform an action associated with the secure resource may be received during the session. Additionally, in some examples, the plug-in framework may be implemented to determine whether the user is allowed to perform the action. Further, performance of the action may be allowed or denied during the session based on the determination.

Abstract: Techniques for managing privileged accounts via a privileged access management service are provided. In some examples, the service may be configured with a plug-in framework for accessing secure resources. In some aspects, a log-in request that includes authentication information and corresponds to the service may be received. Session access to at least one secure resource may be provided when a user is authenticated. In some examples, a request to perform an action associated with the secure resource may be received during the session. Additionally, in some examples, the plug-in framework may be implemented to determine whether the user is allowed to perform the action. Further, performance of the action may be allowed or denied during the session based on the determination.

Abstract: Techniques for managing privileged accounts via a privileged access management service are provided. In some examples, the service may be configured with a plug-in framework for accessing secure resources. In some aspects, a log-in request that includes authentication information and corresponds to the service may be received. Session access to at least one secure resource may be provided when a user is authenticated. In some examples, a request to perform an action associated with the secure resource may be received during the session. Additionally, in some examples, the plug-in framework may be implemented to determine whether the user is allowed to perform the action. Further, performance of the action may be allowed or denied during the session based on the determination.

Abstract: Techniques for managing privileged accounts via a privileged access management service are provided. In some examples, the service may be configured with a plug-in framework for accessing secure resources. In some aspects, plug-in code for implementing a workflow that includes step-up validation associated with a user attempting to access at least one secure resource may be received. Access to the at least one secure resource may be provided when the user is authenticated with respect to the service. In some examples, a request to access a second secure resource may be received. Additionally, in some examples, the workflow to perform the step-up validation may be implemented at least in response to the request to access the second secure resource. The workflow implemented based at least in part on an attribute associated with the request.

Abstract: Techniques for managing accounts are provided. An access management system may check out credentials for accessing target systems. For example a user may receive a password for a period of time or until checked back in. Access to the target system may be logged during this time. Upon the password being checked in, a security account may modify the password so that the user may not log back in without checking out a new password. Additionally, in some examples, password policies for the security account may be managed. As such, when a password policy changes, the security account password may be dynamically updated. Additionally, in some examples, hierarchical viewing perspectives may be determined and/or selected for visualizing one or more managed accounts. Further, accounts may be organized into groups based on roles, and grants for the accounts may be dynamically updated as changes occur or new accounts are managed.

Abstract: Techniques for managing privileged accounts via a privileged access management service are provided. In some examples, the service may be configured with a plug-in framework for accessing secure resources. In some aspects, a log-in request that includes authentication information and corresponds to the service may be received. Session access to at least one secure resource may be provided when a user is authenticated. In some examples, a request to perform an action associated with the secure resource may be received during the session. Additionally, in some examples, the plug-in framework may be implemented to determine whether the user is allowed to perform the action. Further, performance of the action may be allowed or denied during the session based on the determination.

Abstract: Techniques for managing privileged accounts via a privileged access management service are provided. In some examples, the service may be configured with a plug-in framework for accessing secure resources. In some aspects, plug-in code for implementing a workflow that includes step-up validation associated with a user attempting to access at least one secure resource may be received. Access to the at least one secure resource may be provided when the user is authenticated with respect to the service. In some examples, a request to access a second secure resource may be received. Additionally, in some examples, the workflow to perform the step-up validation may be implemented at least in response to the request to access the second secure resource. The workflow implemented based at least in part on an attribute associated with the request.