Set up your Privilege Cloud environment on Shared Services

Setup and deployment steps begin when you receive the CyberArk welcome mail that provides you with your access details to the Shared Services and Privilege Cloud environment.

This section includes the steps and instructions for deploying and maintaining the Shared Services platform and Privilege Cloud environment on Shared Services.

Explore the Privilege Cloud end-to-end workflow

Click a task to learn more

Step 1: Customer site

Receive the CyberArk Welcome email to CyberArk Identity Security Platform Shared Services. The email contains a link to your CyberArk Identity Security Platform Shared Services cloud tenant, access credentials and your customer ID.

Step 2: Prepare for deployment and login to the ISPSS user portal

Check security setup within your environment comply with Privilege Cloud recommendations. See Security Fundamentals.
Check system prerequisites:
- Check machine and network prerequisites for Identity Administration. See CyberArk Identity Connector requirements.
- Check the machine and network prerequisites for Privilege Cloud. See Privilege Cloud System requirements.
Login to the ISPSS user portal, access the Identity Administration portal, and check necessary setup details. See Collect setup details and sign in to the ISPSS user portal.
- It is recommended to access the ISPSS user portal from the Connector machine.
- Access the Connector machine with a user account that has installation permissions on the machine.
- Login to the ISPSS user portal using the link and initial user provided in the CyberArk email.
Setup your installeruser password for use in all connector installations. See Set the Installeruser password

Step 3: Identity Administration and user setup

Learn about the principles of setting up users and roles in theIdentity Administration, and follow the set up flow. See Add system users and roles

In the Identity Administration tenant:

To add users:

Authentication services	See Add users from a directory service.
CyberArk Cloud Directory	See Add CyberArk Cloud Directory Users.

Set up federation with external identity providers, see Set up federation with external identity providers.
Configure multi-factor authentication. SeeConfigure MFA for Identity Administration.
Add users and assign roles to your groups and users. See Assign users to roles and manage roles

After you have completed the next step of setting up Privilege Cloud, invite your organization users to access CyberArk Identity Security Platform Shared Services. See Invite users.

Step 4: Privilege Cloud setup

Install the Privilege Cloud Connector which automatically deploys the CPM, PSM and hardening policies. See Deploy the Privilege Cloud Connector.
Install the Secure tunnel and optionally:
- Connect to SIEM. See Connect to SIEM.
- Enable Remote Access (if applicable). See Remote access to target machines.
Optionally, to support Unix machines, install PSM for SSH. See Deploy PSM for SSH (Unix connector).