11-23-2023 07:27 PM
Hi All,
Thank you in advance.
I am facing an issue currently in integrating the AWS - IAM Identity Center Community Contribution. I am not able to find the relevant information for the integration such as Role Session Name, and Role Session duration.
Can you assist me in understanding this requirement more so that I can find the relevant information on the AWS Side?
Thank you
12-01-2023 03:00 PM
The document I linked applies to authentication for all AWS integrations in general. That one section does mention the AWS - IAM integration specifically, but the concepts still apply to all AWS integrations.
For the Role ARN, please follow the documentation here, which includes creating an IAM role for the integration: https://xsoar.pan.dev/docs/reference/articles/aws-integrations---authentication#configuration-using-.... Then you will supply the ARN of that role in the integration instance settings.
11-29-2023 04:29 PM
Hi @RSenanayake – Please see here for descriptions of these parameters: https://xsoar.pan.dev/docs/reference/articles/aws-integrations---authentication#configure-the-aws-ia...
Or see the AWS boto3 docs (this is the python lib the integration uses): https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/sts/client/assume_role.ht...
For Role Session Name and Role Session Duration specifically, the values are up to you. Role Session Duration can be specified or simply left blank to use the default value.
11-30-2023 02:09 PM
Hi Asawyer,
Thanks for the reply.
The link you shared is for IAM right? I am referring to the AWS Identity center.
Since the integration requires a role arn, is it an SSO role they are referring to or a general role? And also for the trust relationship, what are the parameters we should provide?
12-01-2023 03:00 PM
The document I linked applies to authentication for all AWS integrations in general. That one section does mention the AWS - IAM integration specifically, but the concepts still apply to all AWS integrations.
For the Role ARN, please follow the documentation here, which includes creating an IAM role for the integration: https://xsoar.pan.dev/docs/reference/articles/aws-integrations---authentication#configuration-using-.... Then you will supply the ARN of that role in the integration instance settings.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
