Resource groups

A resource group is an administrative boundary with one or more projects that the resource group owners can manage. These projects share resources and configuration options.

Resource groups simplify resource management by organizing resources into groups and delegating administration to one or more user groups. A user with a resource administrator role has administrative access to all the team resources. They can create or update resource groups, and delegate the resource groups to one or more user groups.

Delegated resource admins can create and update projects within their own resource group, and enroll servers in those projects. However, they can't perform any administrative tasks on projects outside of their own resource group.

Security admins can delegate security administration to other user groups. Delegated security admins can create policies to grant access to resources. Policies created by them only apply to their assigned resource group. See Security policy.

Prerequisites

  • To perform these tasks, you must be a Okta Privileged Access resource admin for your group.

  • Okta Privileged Access security admins can assign delegated security admin roles.

Create a resource group

  1. On the Okta Privileged Access dashboard, go to Resource Administration Resource Management
  2. Click Create Resource Group.
  3. Give a name to the resource group and add a description.
  4. Click Add delegate resource admin to add an owner to the resource group. You must add at least one owner to save the resource group.
  5. In the dialog that appears, select one or more groups to add.

  6. Click Save.

The resource group is created and the project section is visible. The resource group owners can now create and manage projects.

Add a delegated security admin

Security administrators can assign security administration to groups assigned as delegated security administrators. See Security policy.

  1. On the Okta Privileged Access dashboard, go to Resource Administration Resource Management

  2. Select a resource group.

  3. Click Add delegate security admin.

  4. In the dialog that appears, select one or more groups to add.

  5. Click Save.

Delete a resource group

You can't delete a resource group that contains projects.

  1. On the Okta Privileged Access dashboard, go to Resource AdministrationResource Management.
  2. Click Actions on the resource group that you want to delete.
  3. Select Delete.
  4. Click Remove Resource Group.

Next steps

Create a project

Security policy

Roles and permissions