Table of contents
When a user requests elevated access to an account, if you are a member of the approver group for that account/OU, you will receive a notification prompting you to log into the TEAM app and either approve or reject the elevated access request.
- Log into the application.
- In the left-hand menu go to Approvals → Approve requests.
- You will see all of the requests that are pending your approval. Tick the request and click on View details.
- Review the information, including the Justification field if provided. Close the pop-up window.
- With the request still ticked, click on Actions, and either Approve or Reject the request.
- You might be required to provide a Comment with the reason when approving/rejecting the request.
An approver can inspect actions performed by a requester in near realtime during or after the expiry of elevated access.
- In the left-hand menu go to Elevated access → Active access.
- Tick the session you are interested in and click View details.
- Review the details of the request.
- Click on dropdown Session activity logs.
- You can view all of the CloudTrail logs (recorded actions made by the user) since the start of the session.
- You can use the search bar to search the logs.
- To revoke access for the user, click Revoke.
An approver can revoke elevated access for a requester in scenarios such as when the initial approval was unintended or when there is evidence of abuse or misuse of elevated access. Follow the steps in the previous section to revoke elevated access.