Temporary Infrastructure Access with Indent

a year ago
Written by
Elsie Phillips

Famous last words:

“Oh I thought I was on staging”

Maybe it was the production index, maybe it was a VPC. But you’ve accidentally deleted some critical piece of infrastructure. Hopefully you have backups, but it could take hours to reconstruct.

Mistakes and breaches happen All. The. Time.

Granting persistent infrastructure access is then an absolutely insane proposition given the multi-faceted cost of outages.

In DevOps culture, teams are encouraged to move quickly, and ownership over running code is shared between developers and operators. Asking for, getting, and revoking ad-hoc permissions takes time. To try to circumvent this, engineers become over-permissioned.

Implementing RBAC alone won’t fix that. In fact, traditional Least Privilege won’t either.

Using Indent with AWS Identity Center, Google Cloud, or as of today, Azure through our Early Access Program, you can implement least privilege in a practical way.

Automation is the key to granting fast, compliant access. It allows engineers to maintain minimum viable access at any given time without getting annoyed.

Getting access can be urgent, especially for on-call teams.

Indent is built to get temporary access to engineers quickly through a Slack-based workflow. Requests are automatically routed based on your compliance policies and revoked after the approver’s set duration. Certain resources can also be configured to instantly approve based on the requester’s on-call status.

With guardrails that expedite and protect the entire access lifecycle, your access control policies are followed every time without slowing engineers down.

Indent for AWS Identity Center

AWS Identity Center (formerly AWS SSO) can be used to authenticate access to AWS resources as either a standalone identity provider or through connecting to providers like Okta or Google.

Without Indent, administrators manage access through the AWS admin console, manually needing to add and revoke permissions for users.

By using Indent’s AWS Identity Center integration, access provisioning and revocation can be triggered based on actions taken by approvers in Slack or through the Indent Dashboard.

See the new AWS Identity Center Integration →

Indent for Google Cloud

To grant Google Cloud access the smart way, all you need are some Google Groups that map to your resources and Indent. The Google Group integration can pull those groups as resources and allow your team to request access to them.

Once approved, Indent is able to move engineers in and out of those groups, granting and revoking their access to those resources.

Get a demo from our team of the Google Cloud Integration →

Indent for Azure

Whether you’re running your infrastructure on Azure, using the latest Azure OpenAI Service, or just using Azure for data pipelines like Power BI, it’s important to ensure only the necessary people have access to sensitive data stored and Indent can help.

We’re excited to offer the ability to manage temporary access with Azure AD through a native integration with Indent. If you’d like to see a demo of how it would work for your organization, our team is happy to show you →

Or if you’re interested in being an early tester, join our waitlist now.

Try Indent for free.