Skip to content

Setting Permissions for your cloud applications

For Coro to monitor and report security issues, at least one cloud application must be connected.


To see a list of supported cloud applications, see Introducing cloud security.

Coro supports the ability to set access permissions for connected cloud applications. In other words, you can allow access to an application based on whether a user meets a defined set of criteria.

To configure access permissions for a service:

  1. Log into the Coro console and go to Control Panel > Cloud Security.

  2. From your list of connected cloud application, select the corresponding Access Permissions button:

    Cloud security configuration page

  3. On the Access Permissions page for your application, select + NEW PERMISSIONS to add a new permission rule:

    Access permissions


    If your selected application has no current access permissions set, Coro shows a banner page instead:

    Access permissions banner page

    In this scenario, select NEW PERMISSIONS to start the process.

  4. Choose All Users or Specific Groups.

    If you select All Users, the new restriction applies to everyone.

    If you want to apply the restriction to only a named user group within the application, choose Specific Groups


    When a user belongs to several groups, they inherit the collective permissions of all those groups.

  5. Select whether you want to restrict access based on a list of allowed countries, or from a defined set of IP addresses/address range.

  6. Set the type of automatic remediation Coro should apply when a user attempts to access the application that does not meet the permission criteria. Choose from:

    Setting Description
    None No remediation steps are required.
    Suspend The user account is automatically suspended.
    Sign in The user must re-enter their credentials.
  7. Select Save Permissions, to save your changes.

Coro creates an Access permissions violation ticket if a user successfully logs into a protected service from an origin in violation of the configured access rules.