Auditing Access in Apono

Overview

Apono is a platform for Just-in-Time access management that keeps organizations secure and compliant.

Apono makes it easier for DevOps, DevSecOps, IT and IAM Ops to manage access, reduces risk of human error and attack and eliminates the need for clunky IT service management systems in your everyday work.

If your organization is using Apono, access to cloud resources in development, CI/CD, data repositories, cloud infrastructure and more is managed centrally:

• Admins in the organization set Access Flows which determine who can access what, with how permissions and for how long

• Developers that need access use Slack, Teams or CLI to request access

• Access is either automatically approved or sent for review by approvers, according to the Access Flow

• Every access request is logged and admins can create, save, export, and schedule audit reports (see guide below)

Audit access

Use the Apono UI or Slack to:

• See all your organization's access requests.

• See active and expired access granted with Apono.

• Revoke active access when needed.

Access requests

1. In the Apono app, navigate to Activity

2. Under the Audit tab, you will find all the organization's access requests sorted by creation date

3. Each log contains the following information:

   1. Request ID - unique ID generated by Apono & creation time

   2. Requester - name and email

   3. Resource type - the cloud service or resource type, for example Repository, Bucket, Machine, Database, etc.

   4. Resources - all the instances of the resource type that were requested

   5. Permissions - all the permissions on the resources that were requested

   6. Status - the request status (see below) and the last update time

4. Take actions:

   1. Revoke Access button - allows the admin to revoke access before the expiry time. Enabled if the access is active and disabled when it is expired

1. Timeline - click to see the access request lifecycle from the time of request

Request statuses

• Approved - the access was approved automatically or by approver(s), depending on the Access Flow

• Rejected - the access was rejected by approver(s)

• Granted - the access was provisioned by Apono and the user is now accessible to the resources

• Pending - the request is pending review by approver(s)

• Revoking - Apono is in the process of revoking the access to the resources

• Expired - the access time ended and Apono revoked the access. The user is no longer accessible to the resources

• Failed - a technical error occurred and access could not be provisioned. Contact Apono for support.

Active access and how to revoke it

1. In the Apono app, navigate to Activity

2. Under the Audit tab, you will find all the organization's access requests sorted by creation date

3. Filter Status == Granted

4. See a list of all the active access in your organization

5. Revoke access directly from the Apono UI by clicking 'Revoke Access'

Audit channel in Slack

You can check out the permissions request channel for in a permissions-audit channel in Slack.

Here you will see a list of all the access requests created in the organization at every step of the access lifecycle:

• Request

• Grant

• Revoke

For each request you will find:

• The requester

• Permissions requested

• Resources requested

• Integration of source

• Action - request, grant, revoke

• Access duration