Set up your Privilege Cloud environment on Shared Services

Setup and deployment steps begin when you receive the CyberArk welcome mail that provides you with your access details to the Shared Services and Privilege Cloud environment.

This section includes the steps and instructions for deploying and maintaining the Shared Services platform and Privilege Cloud environment on Shared Services.

Explore the Privilege Cloud end-to-end workflow

Click a task to learn more

Step 1: Customer site

Receive the CyberArk Welcome email to CyberArk Identity Security Platform Shared Services. The email contains a link to your CyberArk Identity Security Platform Shared Services cloud tenant, access credentials and your customer ID.

Step 2: Prepare for deployment and login to the ISPSS user portal

  1. Check security setup within your environment comply with Privilege Cloud recommendations. See Security Fundamentals.

  2. Check system prerequisites:

  3. Login to the ISPSS user portal, access the Identity Administration portal, and check necessary setup details. See Collect setup details and sign in to the ISPSS user portal.

    • It is recommended to access the ISPSS user portal from the Connector machine.

    • Access the Connector machine with a user account that has installation permissions on the machine.

    • Login to the ISPSS user portal using the link and initial user provided in the CyberArk email.

  4. Setup your installeruser password for use in all connector installations. See Set the Installeruser password

Step 3: Identity Administration and user setup

Learn about the principles of setting up users and roles in theIdentity Administration, and follow the set up flow. See Add system users and roles

In the Identity Administration tenant:

  1. To add users:

    Authentication services

    See Add users from a directory service.

    CyberArk Cloud Directory

    See Add CyberArk Cloud Directory Users.

  2. Set up federation with external identity providers, see Set up federation with external identity providers.

  3. Configure multi-factor authentication. SeeConfigure MFA for Identity Administration.

  4. Add users and assign roles to your groups and users. See Assign users to roles and manage roles

After you have completed the next step of setting up Privilege Cloud, invite your organization users to access CyberArk Identity Security Platform Shared Services. See Invite users.

Step 4: Privilege Cloud setup

  1. Install the Privilege Cloud Connector which automatically deploys the CPM, PSM and hardening policies. See Deploy the Privilege Cloud Connector.
  2. Install the Secure tunnel and optionally:

  3. Optionally, to support Unix machines, install PSM for SSH. See Deploy PSM for SSH (Unix connector).