• Boris.Lekumovich (RSA)

    I don't think so.

     

    Can you elaborate on your requirement?

    what information you are looking to collect?

  • MekalaSubramani (Customer)

    I want to bring AWS User Accounts & user's various AWS services access to RSA G&L for doing access review for various AWS services like S3, quick sight, red shift and more... As per this use case, access information is stored in AWS Identity Center.

     

     IDC definition -> AWS Identity Center provides a central location to manage access to AWS accounts and applications, and accessing user information involves assigning users to accounts and permission sets, which determine their level of access. 

    Expand Post

  • MekalaSubramani (Customer)

    I do see KB for AWS IAM connection, but as per the use case I have - integration to be done with AWS Identity Center not IAM.

     

    Note - AWS IAM (Identity and Access Management) is a core service for managing access to AWS resources within a single account, while IAM Identity Center (formerly AWS SSO) is a service for managing access to multiple AWS accounts and other applications with a centralized identity provider. IAM Identity Center is built on top of IAM and is designed for organizations that need to manage access to multiple accounts and applications using single sign-on (SSO). 

    Expand Post

  • MekalaSubramani (Customer)

    I haven't tried before that I want to know if there is any out of the box collector available for AWS Identity Center in G&L???

     

    • Boris.Lekumovich (RSA)

      The out of the box AWS collectors (account and entitlement) are using the following AWS APIs (from what I know).

       

      Is this not sufficient for your needs?

       

      • ListUsers
      • ListGroups
      • ListGroupsForUser
      • ListUserPolicies
      • ListGroupPolicies
      • ListRoles
      • ListRolePolicies
      • ListAttachedRolePolicies

       

       

       

      Expand Post

Don't see what you're looking for?