Set up your Privilege Cloud environment on Shared Services

Setup and deployment steps begin when you receive the CyberArk welcome mail that provides you with your access details to the Shared Services and Privilege Cloud environment.

This section includes the steps and instructions for deploying and maintaining the Shared Services platform and Privilege Cloud environment on Shared Services.

The following diagram presents the main steps and order of deployment:

Step 1: Customer site

Receive the CyberArk Welcome email to Identity Security Platform. The email contains a link to your Identity Security Platform cloud tenant, access credentials and your customer ID.

Step 2: Prepare for deployment and login to the Identity Security Platform user portal

Check security setup within your environment comply with Privilege Cloud recommendations. See Security Fundamentals.
Check system prerequisites:
- Check machine and network prerequisites for Identity Administration. See Identity Connector requirements.
- Check the machine and network prerequisites for Privilege Cloud. See Privilege Cloud System requirements.
Login to the ISP user portal, access the Identity Administration portal, and check necessary setup details. See Collect setup details and sign in to the Identity Security Platform user portal.
- It is recommended to access the ISP user portal from the Connector machine.
- Access the Connector machine with a user account that has installation permissions on the machine.
- Login to the ISP user portal using the link and initial user provided in the CyberArk email.
Setup your installeruser password for use in all connector installations. See Set the Installeruser password

Step 3: Identity Administration and user setup

Learn about the principles of setting up users and roles in theIdentity Administration, and follow the set up flow. See Add system users and roles

In the Identity Administration tenant:

To add users:
- Add users from on-prem authentication sources, such as Active Directory, LDAP, or RADIUS. See Add users from on-prem authentication solutions.
- Add users from a cloud authentication tool, such as Google Workspace or Azure, see Add users from Cloud authentication solutions.
- Add users manually or in bulk to the CyberArk Cloud directory, see Add CyberArk Cloud Directory Users
Set up federation with external identity providers, see Set up federation with external identity providers.
Configure multi-factor authentication. SeeConfigure MFA for Identity Administration.
Add users and assign roles to your groups and users. See Assign users to roles and manage roles

After you have completed the next step of setting up Privilege Cloud, invite your organization users to access Identity Security Platform. See Invite users.

Step 4: Privilege Cloud setup

Install the Privilege Cloud Connector which automatically deploys the CPM, PSM and hardening policies. See Deploy the Privilege Cloud Connector.
Install the Secure tunnel and optionally:
- Connect to SIEM. See Connect to SIEM.
- Enable Remote Access (if applicable). See Remote access to target machines.
Optionally, to support Unix machines, install PSM for SSH. See Deploy PSM for SSH (Unix connector).