Overview

• Reduce Over Privileges - Discover existing privileges to AWS roles, groups and services to convert to on-demand access flows to reduce over-privileges.
• Self Service Access - Empower your developers to gain self-servable access to AWS services, buckets, instances and more using Slack.
• Automated Approval Workflows - Create approval workflows to specific sensitive resources.
• Restricted Third Party Access - Grant third-party (customer or vendor) time-based access to specific S3 buckets, RDS or EC2 instances with MFA verification.
• Review Access - View a detailed access audit of who was granted access to which specific instances, buckets or other resources in AWS.

👍

Start Here

Great place to start! Follow these steps to integrating an AWS cloud account.

Prerequisites

• Administrator permissions of the account you would like to connect.

Connect an AWS Account

In Apono

1. From the Integration Catalog, select Connect Your AWS Account
2. When clicking Open Cloud Formation, you will be redirected to the AWS sign in page in a new tab.

In AWS

1. Sign in to your AWS user and click Next

2. Within the AWS create stack page, scroll down, tick the acknowledge box and then select Create Stack

Apono integrates with AWS natively, using AWS CloudFormation as a standard mechanism to deploy all required configurations including a Cross Account Role with Read permission, a SNS notification message, and the Apono Connector that runs using an AWS ECS on Fargate.

Back to Apono

3. Validate you've integrated Apono by seeing the integration is active and synced here.

👍

Hurray!

You've successfully integrated AWS with Apono. You can now create Access Flows to AWS IAM resources like AWS Roles.

4. If you would like to use Apono to create Access Flows with resources like to S3 buckets, RDS databases or other AWS services you can easily connect them to Apono as well. Just select them from the Integration Catalog.