Amazon

AWS

Access Requests
Manual target selection
Add Access
Risk Analysis
Designer
Provisioning
Verifier
Remove Access
Designer
Verifier
Decommission Network Object
Impact Analysis
Verifier
Rule Decommission
Rule Decommission from the Rule Viewer
Rule Recertification
Update metadata

Notes for AWS:

  • Nested SGs are not supported as source or destination in an access request.
  • When Topology is enabled for an access request, Designer results do not include AWS VPCs even if the VPCs are relevant for the access request traffic path.
  • Unattached SGs cannot be provisioned. SG must contain at least one VM instance in order to be provisioned.
  • Verifier is not supported when AWS SG was selected in non-topology mode Access request.
  • Remove access provisioning runs only when the existing rule exactly matches the remove request.