aws-samples / iam-identity-center-team

Open-source temporary elevated access solution for AWS IAM Identity Center.
https://aws-samples.github.io/iam-identity-center-team/
MIT No Attribution

Guidance for Eligibility & Approval policies. #225

Open kp2401075 opened 2 months ago

kp2401075 commented 2 months ago

Problem statement.

We are trying to deploy this in an environment where there are a large number of groups, each of which is meant to have a different level of access to different accounts. For example, see below.

Eligibility policy
Group1 -> Account 1 (Developer), Account2 (View-Only), Account3 (Billing)
Group2 -> Account 3 (Developer), Account4 (View-Only), Account5 (Billing)

Approver policy
Group3 -> Account 1, Account2
Group4 -> Account 3, Account4, Account5

We would like to have this mapping stored in a config file somewhere in a git repo and deploy it as the Eligibility Policy / Approval for the TEAM app via CI/CD or an automatic process.

Is there an existing solution for the above-mentioned problem?

We would like to avoid ClickOps.

carlaabanes commented 2 months ago

Hi @kp2401075

I'm curious to know if you are having problems with navigating to the Administration menu on the left side and then clicking on Eligibility policy? From my end, this page does not load.

Thank you.

powerfei commented 1 month ago

Hi @kp2401075, do you know why I only have one role (ReadOnlyAccess) available? How do I configure it to add more options?