AdisM.68092 (SeatGeek) asked a question.
Has anyone been able to successfully get Okta > AWS entitlements working: https://www.okta.com/blog/2021/04/okta-amazon-web-services-aws-automate-aws-sso-with-okta-workflows/
This is a big deal as it automates adding users to entitlements (ie permission sets). I have it working but there's one big problem. The AWS connector that comes out of the box works for all types of AWS accounts except the main root AWS account.
That is a big problem as we highly depend on this AWS account and we want to automate permissions on that account and not just other AWS sub-accounts, making their "out of the box..." practically unusable for anyone who uses their root AWS account.
I am currently trying to see if I can use the API Connector instead, but so far no luck.
Hello Adis,
Stefan here with Okta's Tech Support Team here.
I wanted to follow up with you to let you know that I've looked into the matter, and at the moment, the connector is indeed not built to work with the root account, and I could find out this is due to security concerns.
As a workaround, it was indeed recommended to build a custom API connector.
Thank you,
Stefan Pescaru
Technical Support Engineer
Okta Global Customer Care