Identity Governance and Administration (IGA) is a service that allows your enterprise to obtain data for audit trail and certification, and to manage self-service access requests, approvals, and violations in real time.

Organization owners can start using the IGA service by clicking the Get Started link on the Identity & Access Management > Governance page. Using the IGA service in an organization, lets users do the following:

As an You can
organization owner
  • Access the IGA dashboard from the Identity & Access Management > Governance page in the Cloud Services Console.
  • Enable or disable your organization members' ability to submit self-service requests for additional roles.
  • Govern access to services in your organization by managing incoming organization and service role requests. See Manage Requests.
  • Monitor violations and immediately respond to threats. See Monitor Violations.
organization member

Advanced IGA Features for Federated Domains

If your domain is federated, additional IGA features can be enabled for all organizations in the federated domain that are linked to the corporate Identity Provider. See Why Do I Need to Link My IdP.

When advanced IGA features are enabled, non-organization members can request organization and service roles access in linked organizations during onboarding. See Onboarding With a Federated Account to learn more about this feature.

Enterprise Administrators of federated domains can enable the advanced IGA features for some or all VMware Cloud services organizations that are linked to their corporate Identity Provider. For more information, see Enable Advanced IGA Features for Federated Domains.

For more information about enterprise federation, see Setting Up Enterprise Federation with VMware Cloud Services.