Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make Athena support work with Federated users #24

Open
0xdabbad00 opened this issue Jul 19, 2018 · 2 comments
Open

Make Athena support work with Federated users #24

0xdabbad00 opened this issue Jul 19, 2018 · 2 comments
Labels
enhancement New feature or request

Comments

@0xdabbad00
Copy link
Collaborator

No description provided.

@0xdabbad00 0xdabbad00 added the enhancement New feature or request label Jul 19, 2018
@robertdavis1
Copy link

Question on this enhancement. Is this looking to leverage something like a central security account that assumes into the account in question to run Athena queries and gather information?

ie:
role in central security/audit account -> assume into account -> run Athena queries

@0xdabbad00
Copy link
Collaborator Author

No, the concept here is that many companies use Federated users (ex. SSO into accounts), which can end up all being just the same IAM role, so you have Alice and Bob using Okta to access the AWS account as the admin role. So you want to know, does Bob actually use all of his privileges? Can we limit Bob to only view access?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@0xdabbad00 @robertdavis1