AWS - IAM Identity Center Integration

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AWS - IAM Identity Center Integration

L1 Bithead

Hi All,

 

Thank you in advance.

 

I am facing an issue currently in integrating the AWS - IAM Identity Center Community Contribution. I am not able to find the relevant information for the integration such as Role Session Name, and Role Session duration.

 

Can you assist me in understanding this requirement more so that I can find the relevant information on the AWS Side?


Thank you

1 accepted solution

Accepted Solutions

The document I linked applies to authentication for all AWS integrations in general. That one section does mention the AWS - IAM integration specifically, but the concepts still apply to all AWS integrations.

 

For the Role ARN, please follow the documentation here, which includes creating an IAM role for the integration: https://xsoar.pan.dev/docs/reference/articles/aws-integrations---authentication#configuration-using-.... Then you will supply the ARN of that role in the integration instance settings.

View solution in original post

4 REPLIES 4

L3 Networker

Hi @RSenanayake – Please see here for descriptions of these parameters: https://xsoar.pan.dev/docs/reference/articles/aws-integrations---authentication#configure-the-aws-ia...

 

Or see the AWS boto3 docs (this is the python lib the integration uses): https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/sts/client/assume_role.ht... 

 

For Role Session Name and Role Session Duration specifically, the values are up to you. Role Session Duration can be specified or simply left blank to use the default value.

Hi Asawyer,

 

Thanks for the reply.

 

The link you shared is for IAM right? I am referring to the AWS Identity center.

Since the integration requires a role arn, is it an SSO role they are referring to or a general role? And also for the trust relationship, what are the parameters we should provide?

The document I linked applies to authentication for all AWS integrations in general. That one section does mention the AWS - IAM integration specifically, but the concepts still apply to all AWS integrations.

 

For the Role ARN, please follow the documentation here, which includes creating an IAM role for the integration: https://xsoar.pan.dev/docs/reference/articles/aws-integrations---authentication#configuration-using-.... Then you will supply the ARN of that role in the integration instance settings.

L1 Bithead

Hi @asawyer ,

 

Thanks for the responses. I got it to work based on the documents you shared.

  • 1 accepted solution
  • 1815 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!