US Patent 11431697 Access management for multi-cloud workloads

An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of multiple cloud service providers, a request by a user to access a given cloud asset on which one or more workloads of a given entity run. The processing device is also configured to generate, on the given cloud asset utilizing application programming interfaces of the trust platform, a temporary user account responsive to determining that the requesting user is registered with the trust platform as an authorized user for the given entity and the given asset. The processing device is further configured to provide access credentials for the temporary user account to the requesting user, to monitor use of the temporary user account, and to remove the temporary user account from the given cloud asset based at least in part on the monitored use.