+1Hi All,
I wanted to check if it’s possible to use role-based authentication for the AWS SOAR integration. Currently, it seems to only support authentication using an access key and secret key.
In my case, the access key and secret key keep changing frequently, which creates challenges. Has anyone discovered a way to implement role-based authentication for this integration?
+8This doesn’t seem to be supported currently. I recommend opening a support ticket and requesting this feature. There are quite a few AWS integrations in the marketplace, it would be worth noting this in the ticket so all of the integrations get updated to support AWS role based authentication, like IAM Roles Anywhere or however it gets implemented.
The documentation specifically mentions using IAM role auth for the V2 feeds but it doesn’t provide any detail on what might go in the trust policy.
https://docs.cloud.google.com/chronicle/docs/reference/feed-management-api#sample_create_feed_request_-_using_aws_iam_role_authentication
Given it mentions that V2 is using STS (storage transfer service, not security token service) then probably this approach will work
https://cloud.google.com/storage-transfer/docs/source-amazon-s3#federated_identity
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.