API Access Monitoring
In many large organizations, multiple groups want to have access to the API of private clouds and various other sensitive systems. Access control and tracking are difficult, making system owners hesitant to provide access, and potentially vulnerable if too much access is granted for a user. With Pliant, you can easily allow access on a per-user, per API call basis and abstract credentials so you can allow control without sharing passwords or keys.
Pliant Acts as an API Gateway to Keep Access Keys Safe.
Pliant provides per-user-role access control down to individual calls, tracks API execution, can be used to throttle and most importantly tracks every successful and unsuccessful access attempt.
Further, Pliant sandboxes API keys so users never actually see the key nor interact with it. Thus if an employee or contractor leaves, they would not be able to use the key.
Allow Root Access Without Risking Your Critical Infrastructure.
One user wanted to pull certain stats from an OpenStack deployment. However, they found that to do so, the user collecting the stats would need near root permissions and a username/password that would essentially give them access to perform any function in the OpenStack environment.
With Pliant, the administrator allowed the user limited root access by only allowing the individual API calls the user needed to complete the task. The user was then able to create automated workflows without knowing the usernames and passwords to systems. This user could then execute API calls to extract needed data – and then load this data into a network management system in an automated fashion with Pliant.