Configure AWS federated access

To configure federated access, define AWS policies and security tokens.

Create an AWS security token

AWS security tokens allow you to provide trusted users with temporary, limited access to your AWS resources.

Before you begin

Role required: cloud_admin, aws_admin

About this task

Procedure

  1. Navigate to Amazon AWS Cloud > Reports > Security Tokens.
  2. Click New.
  3. Fill in the fields as described in the table.
  4. Click Submit.
    Table 1. AWS Security Token form fields
    Field Description
    Access key ID The access key ID that identifies the temporary security credentials.
    Arn Amazon resource number that is used to identify the federated user associated with the credentials.
    Account [read-only] The account used to generate a security token.
    Expiration The date on which the current credentials expire.
    Federated user ID The user ID for the federated user associated with the credentials.
    Packed policy size A percentage of the allowed value indicating the size of the policy in packed form.
    Secret access key The secret access key that can be used to sign requests.
    Session token The token that users must pass to the service APU to use the temporary credentials.

Assign an AWS security token to a user

After you create an AWS security token, assign the token to a user.

Before you begin

Role required: cloud_admin, aws_admin

Procedure

  1. Navigate to Amazon AWS Cloud > Reports > User Security Tokens.
  2. Click New.
  3. Fill in the fields as described in the table.
  4. Click Submit.
    Table 2. AWS Security Token form fields
    Field Description
    Token link close time Date and time the link to use the security token will expire.
    Token link open time Date and time the link to generate the security token will open.
    Policy AWS policy associated with the token.
    Purpose Description of the security token purpose.
    Request item Indicates whether the token is explicitly requested by a user or is generated by other processes.
    State State of the user token link. It can be scheduled, active, or closed.
    Token AWS security token that is tied to the record.
    User User to assign the security token to.

Define AWS policies

To assign permissions to an AWS account, create a policy that specifies permissions. A Super Admin Policy is enabled by default.

Before you begin

Role required: cloud_admin, aws_admin

Procedure

  1. Navigate to Amazon AWS Cloud > Administration > Policies.
  2. Click New.
  3. Enter a unique Name for the policy.
  4. Specify the policy parameters in JSON format.
    Define AWS policy
  5. Click Update.