Identity & Access Manager (IAM)
Identity & Access Manager (IAM) provides an API to handle the following functionality:
- Providing identification information such as system ID, node ID, unit model, unit subjects, etc.
- Creating, applying, and handling keys and certificates for different system components.
- Handling and providing service permissions.
- Device provisioning.
IAM is used by the following system components:
- The provisioning script - to perform system provisioning.
- Communication manager - to get the appropriate online and offline keys and certificates, to get key and certificate for secure gRPC communication, to renew certificates.
- Update manager - to get key and certificate for secure gRPC communication.
- Service manager - to get key and certificate for secure gRPC communication and to register service permissions.
- Functional servers - to check service permissions.
See IAM structure for info on the structure of IAM and IAM interactions for info on how IAM interacts with other system components.