Admin Portal
The Admin Portal is the central management interface for Prism. It provides Customer Admins with full control over users, groups, permission sets, AWS account assignments, identity providers, and platform settings -- all from a single, unified dashboard.
Prism acts as a multi-tenant IAM layer for AWS access management. The Admin Portal allows you to manage both identity and cloud access in one place.
Who Can Access the Admin Portal?
Access to the Admin Portal is governed by Prism's role hierarchy:
| Role | Level | Admin Portal Access |
|---|---|---|
| Viewer | 0 | No access |
| Approver | 1 | No access |
| SSO Admin | 2 | Full access excluding admin management |
| Admin | 3 | Full access to all Admin Portal features |
Each role inherits the permissions of all roles below it. An Admin has all the capabilities of an SSO Admin, Approver, and Viewer.
Portal Sections
The Admin Portal is organized into the following sections:
Dashboard
A high-level overview of your organization's IAM resources, with quick-access stat cards for users, groups, permission sets, AWS accounts, and assignments.
Users
Create, edit, and delete users.
Groups
Organize users into groups for easier permission management. Add or remove members from groups.
Permission Sets
Define collections of AWS IAM policies that determine what users and groups can do in AWS. Attach AWS managed policies or write custom inline policies.
Assignments
Assign permission sets to users or groups on specific AWS accounts. This is where identity meets access.
AWS Accounts
Onboard, rename, manage owners for, and delete AWS accounts from your organization.
Identity Providers
Configure single sign-on (SSO) with Google, Microsoft, or any custom OIDC provider.
Custom Applications
Set up custom SAML applications to extend SSO login using Prism to third-party services.
Preferences
Platform-wide settings including admin management, SCIM provisioning, API tokens, replication to AWS, and log export configuration.
Logs
View audit logs of administrative actions and access logs of user login activity.
Typical Workflow
A typical setup workflow in the Admin Portal follows this order:
- Onboard AWS accounts -- Connect your AWS accounts to Prism.
- Create users and groups -- Set up your organization's identity structure.
- Create permission sets -- Define the AWS access policies you need.
- Create assignments -- Bind permission sets to users/groups on specific accounts.
- Configure identity providers -- Enable SSO for your users.