Authorized Entities Directory

The agile IAM for DevOps

Authorized Entities Directory (Æ-DIR) is a Privileged Identity and Access Management (IAM/PIM/PAM) based on OpenLDAP

Main Objectives

  • Strictly follow need to know and least privilege principles
  • Agile data maintenance by consequent delegation of manageable small areas
  • Provide meaningful audit trails for compliance checks
  • Secure defaults

Key Features

  • Fine-grained authorization
  • Fine-grained delegation, ready-to-use role-model
  • Role separation, multiple accounts per person
  • Secure password handling, SSH key distribution
  • Compatible to all LDAP enabled applications
  • Two-factor authentication integrated with LDAP
  • High availability out-of-the-box with LDAP server replicas
  • TLS everywhere
  • Service hardening out-of-the-box

Find longer introductions: Æ-DIR conference presentations.