Managing Permissions on Demand Request Approvers

One-Click Least Privilege. Zero Disruption.

Overview

Permissions on Demand, requires a defined listing of Approvers. This list provides a means to allow your organization to extend permission approval to those who have suitable authority and knowledge to authorize usage.

info

The list of Approvers defined within the Cloud Permissions Firewall are not required to have any associated privileges within your cloud estate to mutate the respective Cloud Controls or change any cloud access, this is simply about change management!

Prerequisites

The "Administrator" RBAC role is required for assigning/removing Approvers.

Adding Approvers

You can add Approvers at any scope be it Organization, OU, or specific AWS Account.

Example: LoanAppDev OU

The main Approvers page, scoped to display an OU.

As indicated on the right-hand side of the row (i.e. the user addition icon), Approvers can be added directly to the OU (i.e. applied to all nested Accounts), or to any of the nested Accounts individually.

Once the user addition icon is clicked, this 'Assign Approvers' window displays, allowing further Approver assignment or removals.

Check the box within the Suggestions list or input an email address to add an Approver.

Similary, uncheck the box or click the 'x' icon for an Approver will remove them from the list (once is clicked).

Overview​

Prerequisites​

Adding Approvers​

Overview

Prerequisites

Adding Approvers