MicroZAccess (ZTNA) > Managing MicroZAccess ZTNA > Group Membership

Group Membership

Group Membership is a core component used in App Onboard and Dev-App-Profile to enforce tag-based access control within the COSGrid environment.

Access decisions are based on tag matching:

  • If a user’s tag matches the assigned group → Access is granted

  • If the tag does not match → Access is denied

This mechanism ensures secure, scalable, and consistent access control across applications and policies, aligning with Zero Trust principles.

Navigation: Organization → Configure → Group Membership

Components of Group Membership

Each Group Membership includes the following elements:

  1. Name: A unique identifier for the group.
    Example: Finance_Team, QA_Group

  2. Description: Provides additional context about the group’s purpose or usage.

  3. Type: Defines the category or purpose of the group. Common examples include:

    1. ZTNA → Used for Zero Trust access control

    2. ERP → Used for enterprise application grouping

Key Features

  1. Search: Quickly find specific group memberships.

  2. Download: Export group configurations for:

    • Backup

    • Audit

    • Compliance

  3. Column Customization: Select and display relevant fields for better visibility.

  4. Edit: Modify existing group memberships.

  5. Delete: Remove unused or obsolete groups.

  6. Add: Create a new group membership.

Creating a Group Membership

Step 1: Initiate, Click Add to open the group membership configuration form.

Step 2: Enter Details: Provide the required information:

  • Name: Enter a unique name for the group

  • Description: Add a meaningful description

  • Type: Select the appropriate group type (e.g., ZTNA, ERP)

Step 3: Finalize, Click Add to create the group membership.

Example Configuration

Objective

Create a group membership for ZTNA-based access control.

Configuration

Parameter

Value

Name

Example_Grp

Description

Example_Grp

Type

ZTNA

Steps

  1. Click Add

  2. Enter:

    • Name: Example_Grp

    • Description: Example_Grp

  3. Select:

    • Type: ZTNA

  4. Click Add

Result

A Group Membership is created that:

  • Can be assigned to users and applications

  • Enables tag-based access control

  • Ensures only matching users can access associated resources

Best Practices

  • Use clear and descriptive naming conventions
    (e.g., Dept_Env_AccessType → QA_Prod_ZTNA)

  • Avoid creating duplicate or overlapping groups

  • Align group types with organizational use cases

  • Regularly review and clean up unused groups

  • Use groups consistently across:

    • App Onboard

    • Security Policies

    • Overlay Servers