Cloud Account Management ACL groups, roles, and responsibilities

Australia IT Operations Management

Release

australia

ft:locale

en-US

ft:publication_title

Australia IT Operations Management

ft:clusterId

itom

bundleId

itom

workflow

Technology

Cloud Account Management ACL groups, roles, and responsibilities

Release version: Australia

Updated March 12, 2026

2 minutes to read

Summarize

Summarized using AI

Summary of Cloud Account Management ACL groups, roles, and responsibilities

Access control lists (ACLs), groups, and roles in Cloud Account Management are essential for organizing and managing access permissions within a cloud environment. They define the responsibilities and processes for creating and managing cloud accounts effectively.

Show full answer Show less

Key Features

Requester Group (snitomcam.cwrequester): Initiates and manages cloud account requests, justifying their necessity and gathering required information.
Approver Group (snitomcam.cwapprover): Evaluates account requests, ensures budget compliance, and communicates decisions with justifications.
Admin Group (snitomcam.cwadmin): Oversees account provisioning, alignment with configurations, troubleshooting, and customization of data certification policies.
Certifier Group (snitomcam.cwcertifier): Certifies discovered accounts and manages verification tasks to ensure compliance.

Key Outcomes

By utilizing these defined roles and responsibilities, organizations can ensure streamlined cloud account management, maintain budgetary compliance, and uphold security standards. This structured approach fosters accountability and enhances visibility across all cloud accounts, leading to more efficient operations and effective governance.

Access control lists (ACLs), groups, and roles in Cloud Account Management control how access permissions are organized and managed within a cloud environment.

Groups and roles in Cloud Account Management

Table 1. Cloud Account Management groups and responsibilities
Group	Role	Responsibilities
ITOM Cloud Account Management requester group	sn_itom_cam.cw_requester	Initiates cloud account requests: Triggers the process for creating cloud accounts. Justifies account creation: Provides clear and compelling reasons for why each cloud account is needed. Gathers and submits account information: Collects and submits all the necessary details required for successful cloud account creation. Manages account status: Request suspension or reactivation of cloud accounts as needed.
ITOM Cloud Account Management approver group	sn_itom_cam.cw_approver	Evaluates and approves account requests: Review account creation requests, carefully assessing their validity and alignment with budget constraints. Following this evaluation, the administrator grants approval or denial of the request. Verifies budgetary compliance: Confirms that the requested cloud account aligns with available budgetary resources before granting approval. Communicates decisions with clear rationale: Communicates clearly the approval or denial decision to the requester by adding a comment to the request itself. This comment should provide a concise and informative explanation for the decision.
ITOM Cloud Account Management admin group	sn_itom_cam.cw_admin	Verifies configuration alignment: Verifies that Cloud Account Management configurations are consistent and aligned with both cloud provider configurations and Terraform configurations. This process promotes secure access management practices across all environments. Provisions cloud accounts: Configures the cloud context to provision new cloud accounts, streamlining the account creation process. Troubleshoots provisioning issues: Diagnoses and resolves any problems encountered during cloud account provisioning, promoting successful account creation. Customizes data certification policy: Tailors the Cloud Account Management default data certification policy to meet specific organizational requirements, promoting appropriate data handling procedures. Manages all accounts: Oversees all cloud accounts, including CW-managed accounts and on-boarded accounts, guaranteeing centralized control and visibility.
ITOM Cloud Account Management certifier group	sn_itom_cam.cw_certifier	Certifies discovered accounts: Reviews discovered accounts listed in the Subscription Accounts tab and designates them as certified if they meet compliance standards or failed if they don't. This process verifies proper vetting and ongoing monitoring of cloud accounts. Manages verification tasks: Accesses and reviews verification tasks associated with cloud accounts. Following review, the administrator can certify tasks to indicate their successful completion.

How they work together

Table 2. Cloud Account Management groups and responsibilities
Group	Role	Responsibilities
ITOM Cloud Account Management requester group	sn_itom_cam.cw_requester	Initiates cloud account requests: Triggers the process for creating cloud accounts and provides the information for creating the account. Manages account status: Requests suspension or reactivation of cloud accounts.
ITOM Cloud Account Management approver group	sn_itom_cam.cw_approver	Evaluates and approves account requests. Verifies budgetary compliance of requested cloud accounts and alignment with available budgetary resources.
ITOM Cloud Account Management certifier group	sn_itom_cam.cw_certifier	Certifies discovered accounts. Accesses and reviews verification tasks associated with cloud accounts.
ITOM Cloud Account Management admin group	sn_itom_cam.cw_admin	Verifies that Cloud Account Management configurations are consistent and aligned with both cloud provider configurations and Terraform configurations. Provisions cloud accounts. Troubleshoots provisioning issues: Diagnoses and resolves any problems encountered during cloud account provisioning. Customizes data certification policies to meet specific organizational requirements. Oversees all cloud accounts, including CW-managed and on-boarded accounts, guaranteeing centralized control and visibility.

To return to the main topic, see Exploring Cloud Account Management.