1 Answer
- Newest
- Most votes
- Most comments
0
Hello,
I conducted a test myself. I was able to log in to re:Post using my IAM Identity Center account. Therefore, yes, it is possible to log in and post on re:Post through Identity Center credentials.
To test the least-privileged IAM policy privilege, I assigned an AWS account with a permission set that included the AWS managed policy: AWSDenyAll to my IAM Identity Center account. Despite this, I was still able to use all the features of re:Post. Therefore, there are no special permission requirements for using re:Post.
I hope this information is helpful.
answered 25 days ago
Relevant content
- asked 8 months ago
- asked a year ago
- asked a year ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
Interesting. Thanks so much for spending the time. That means a lot! I am putting this on hold until I determine whether I need to do this since my IC user fails validation on repost but works fine on the portal. More ideas below but no need for you to spend additional brainpower on it at this time:-)
My issue may be related to the fact my IC user doesn't have an AWS console grant or something. I can login to my portal but not Repost. Repost asks for a builder id or IAM. My identity center user gets an invalid credentials on repost.
Thanks again for the time.
Thank you for your reply.
First of all, it may not be possible to log in to the repost service if the IC user is not assigned to an AWS account.
To assist in resolving the issue, I will explain the testing procedure I carried out:
arn:aws:sts:{account}:assumed-role/AWSReservedSSO_{user}
.And you are correct. re:Post asks for either a Builder ID or IAM, and IAM Identity Center uses IAM roles.
Under the hood, when the user uses IAM Identity Center to access the AWS Management Console or CLI, the IAM Identity Center sign in session is used to obtain an IAM session, as specified in the corresponding IAM Identity Center permission set (more specifically, IAM Identity Center assumes an IAM role, which IAM Identity Center manages, in the target account).
https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html#sessionsconcept
I tried to find the issue related to the "invalid credentials" when accessing re:Post, but I couldn't find it. I hope you can find a way to resolve this issue. If you have any further questions, comment down below!