.svg)
Grant employees just-in-time permissions to critical applications with built-in expiration dates.
Follow the below-mentioned steps to grant automated, time-bound access to the new employee on board:
Go to the Applications module and select AWS as the application. Then, click on the Automation tab and select 'Provisioning.'
Click 'Add' to create a provisioning playbook to grant employees time-bound access to AWS.
Now, define the in-app action to grant employees temporary AWS access. For this, you have to first create a user in AWS and mention the group "Marketing" to which you want the employees to have access. Then, click on the 'publish app playbook.'
Then select deprovisioning and click 'Add' to create a playbook to revoke AWS access from employees.
Next, define the in-app action to revoke an employee's AWS access. Start by adding the 'Delete a User' action, then schedule the date to trigger it. Once configured, publish the app playbook.
Now, go to the Applications module, select Access Requests, and click on '+ New Rule' to run the AWS provisioning and deprovisioning playbook based on the set conditions.
Next, we have to configure approval rules by defining the following- 'When' - Access is requested for an existing application, 'Condition' - User account type equals employee, 'Then' - Initiate the approval process. Now, specify the provisioning action as running a playbook 'time-bound access for employees' and the deprovisioning action as running a playbook 'deprovisioning playbook for employees.'
Lastly, click on the Save rule button. Once the conditions are met, Zluri will automatically run the actions mentioned in the AWS playbook upon the employee raising the AWS request.
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.png)
.png)
.png)
.png)
.png)
.png)
