mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 22:24:56 +03:00
56 lines
2.3 KiB
Markdown
# Just-In-Time Access Provisioning Workflows

## Workflow 1: Standard JIT Access Request

### Steps:

1. User submits access request via self-service portal
2. Request includes: target resource, duration, business justification
3. System calculates risk score based on resource sensitivity and user context
4. Risk-based routing:
   - Low risk (< 1 hr, non-privileged): Auto-approve
   - Medium risk: Route to resource owner for approval
   - High risk (privileged, production): Dual approval required
5. Approver notified via email/Slack/Teams
6. Approver reviews and approves/denies with comments
7. On approval: system provisions access with time-bound constraint
8. User notified of access grant with expiration time
9. At expiration: system automatically revokes access
10. All events logged for audit trail

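The routing, time-bound provisioning and expiry revocation of Workflow 1, as an added example that is not part of the original page or the Anthropic-Cybersecurity-Skills repository. The resource catalogue, the rule that any privileged or production resource counts as high risk, and the choice of "resource owner plus security" as the two approvers for dual approval are all assumptions made for the example; the clock is injected so expiry can be exercised without waiting.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample resource catalogue (hypothetical, not from the page).
RESOURCES = {
    "wiki-readonly":  {"privileged": False, "production": False, "owner": "alice"},
    "prod-k8s-admin": {"privileged": True,  "production": True,  "owner": "carol"},
}
SECURITY_APPROVER = "security"   # assumed second approver for high-risk requests


@dataclass
class AccessRequest:
    user: str
    resource: str
    duration: timedelta
    justification: str


@dataclass
class Grant:
    request: AccessRequest
    approvers: list
    expires_at: datetime
    active: bool = True


def risk_tier(req: AccessRequest) -> str:
    """Steps 3-4: map a request to the page's three tiers.
    Assumption: any privileged or production resource is high risk."""
    res = RESOURCES[req.resource]
    if res["privileged"] or res["production"]:
        return "high"
    if req.duration < timedelta(hours=1):
        return "low"
    return "medium"


def required_approvers(req: AccessRequest, tier: str) -> set:
    """Low: nobody (auto-approve). Medium: resource owner.
    High: dual approval, assumed here to be owner plus security."""
    owner = RESOURCES[req.resource]["owner"]
    return {"low": set(), "medium": {owner}, "high": {owner, SECURITY_APPROVER}}[tier]


class JitService:
    def __init__(self, clock):
        self.clock = clock        # injectable clock so expiry is testable
        self.pending = {}         # request id -> state awaiting approval
        self.grants = []
        self.audit = []           # step 10: every event lands here
        self._seq = 0

    def _log(self, event, **fields):
        self.audit.append({"ts": self.clock().isoformat(), "event": event, **fields})

    def submit(self, req: AccessRequest):
        self._seq += 1
        rid = f"req-{self._seq}"
        tier = risk_tier(req)
        needed = required_approvers(req, tier)
        self._log("request.submitted", id=rid, user=req.user, resource=req.resource,
                  tier=tier, justification=req.justification)
        self.pending[rid] = {"req": req, "needed": needed, "approved_by": set()}
        if not needed:                                   # low risk: auto-approve
            return self._provision(rid, ["auto"])
        self._log("approver.notified", id=rid, approvers=sorted(needed))   # step 5
        return rid

    def decide(self, rid, approver, approve: bool, comment=""):
        """Step 6: only a required approver may decide; dual approval needs both."""
        item = self.pending[rid]
        if approver not in item["needed"]:
            raise PermissionError(f"{approver} is not an approver for {rid}")
        self._log("request.decision", id=rid, approver=approver,
                  decision="approve" if approve else "deny", comment=comment)
        if not approve:
            del self.pending[rid]
            return None
        item["approved_by"].add(approver)
        if item["approved_by"] == item["needed"]:        # all signatures present
            return self._provision(rid, sorted(item["approved_by"]))
        return rid                                       # still waiting

    def _provision(self, rid, approvers):
        """Steps 7-8: grant carries a hard expiry computed at provisioning time."""
        item = self.pending.pop(rid)
        req = item["req"]
        grant = Grant(req, approvers, expires_at=self.clock() + req.duration)
        self.grants.append(grant)
        self._log("access.granted", id=rid, user=req.user, resource=req.resource,
                  expires_at=grant.expires_at.isoformat())
        return grant

    def revoke_expired(self):
        """Step 9: run on a schedule; deactivates every grant past its expiry."""
        revoked = []
        for g in self.grants:
            if g.active and self.clock() >= g.expires_at:
                g.active = False
                revoked.append(g)
                self._log("access.revoked", user=g.request.user,
                          resource=g.request.resource, reason="expired")
        return revoked
```

The point worth checking in a real deployment is the last method: revocation must be driven by the service's own scheduler, not by the user logging out, and the audit entry for the revocation should be emitted by the same code path that performs it.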
## Workflow 2: Emergency JIT Access (Break-Glass)

### Steps:

1. User declares emergency and requests immediate access
2. System grants access immediately without pre-approval
3. Access limited to shorter maximum duration (e.g., 2 hours)
4. Security team notified of emergency access grant
5. User must provide justification within 24 hours
6. Manager and security team perform post-facto review
7. If review finds access unjustified: security incident opened
8. All emergency access events flagged in audit reports

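The break-glass path of Workflow 2, as an added example that is not part of the original page or the repository it comes from. It grants immediately, caps the duration at the page's example value of 2 hours, alerts security through an injected hook, tracks the 24-hour justification deadline, and requires both the manager and security roles for the post-facto review; the incident id format and the notification hook are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

BREAK_GLASS_MAX = timedelta(hours=2)          # step 3: shorter cap (page's example value)
JUSTIFICATION_WINDOW = timedelta(hours=24)    # step 5


@dataclass
class EmergencyGrant:
    id: str
    user: str
    resource: str
    granted_at: datetime
    expires_at: datetime
    justify_by: datetime
    justification: Optional[str] = None
    justified_at: Optional[datetime] = None
    verdict: Optional[str] = None        # "justified" or "unjustified"
    incident_id: Optional[str] = None


class BreakGlass:
    def __init__(self, clock, notify_security):
        self.clock = clock
        self.notify_security = notify_security   # assumed hook (pager/Slack/Teams)
        self.grants = {}
        self._seq = 0

    def declare(self, user, resource, requested: timedelta) -> EmergencyGrant:
        """Steps 1-4: no pre-approval, capped duration, security alerted at once."""
        now = self.clock()
        self._seq += 1
        g = EmergencyGrant(
            id=f"bg-{self._seq}", user=user, resource=resource, granted_at=now,
            expires_at=now + min(requested, BREAK_GLASS_MAX),
            justify_by=now + JUSTIFICATION_WINDOW)
        self.grants[g.id] = g
        self.notify_security(
            f"EMERGENCY ACCESS {g.id}: {user} -> {resource} until {g.expires_at.isoformat()}")
        return g

    def justify(self, gid, text) -> bool:
        """Step 5: record the justification; returns False if it arrived late."""
        g = self.grants[gid]
        g.justification = text
        g.justified_at = self.clock()
        return g.justified_at <= g.justify_by

    def overdue(self):
        """Grants whose 24h window lapsed with nothing filed (escalation input)."""
        now = self.clock()
        return [g for g in self.grants.values()
                if g.justification is None and now > g.justify_by]

    def review(self, gid, reviewer_roles, justified: bool) -> EmergencyGrant:
        """Steps 6-7: manager and security both review; unjustified opens an incident."""
        if not {"manager", "security"} <= set(reviewer_roles):
            raise PermissionError("post-facto review needs manager and security")
        g = self.grants[gid]
        g.verdict = "justified" if justified else "unjustified"
        if not justified:
            g.incident_id = f"INC-{gid}"     # placeholder ticket id (constructed)
        return g

    def audit_report(self):
        """Step 8: every emergency grant is flagged, with its review state."""
        return [{"id": g.id, "user": g.user, "resource": g.resource, "emergency": True,
                 "verdict": g.verdict or "pending", "incident": g.incident_id}
                for g in self.grants.values()]
```

Note that `declare` never consults an approver: the control on this path is the immediate alert plus the guaranteed later review, so `overdue()` should feed a scheduled job that escalates grants with no justification rather than sitting unused.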
## Workflow 3: Privileged Elevation with PAM Integration

### Steps:

1. User requests privilege elevation through JIT portal
2. Approval obtained per risk-based workflow
3. JIT system triggers PAM credential checkout
4. PSM (privileged session manager) session initiated with time-bound credential
5. User performs privileged operations via isolated session
6. Session recorded for audit
7. At expiration: session terminated, credential checked in, password rotated
8. JIT access record closed

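The checkout, isolated session, check-in and rotation sequence of Workflow 3, as an added example that is not part of the original page or its repository. The `Vault` class is a constructed stand-in for a PAM vault, not any real product's API; the rule that a credential can be checked out by only one session at a time, and the requirement that `elevate` receives a non-empty approver list, are assumptions.

```python
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone


class Vault:
    """Constructed stand-in for a PAM vault (hypothetical, not a real product API)."""
    def __init__(self, accounts):
        self._secrets = {a: secrets.token_urlsafe(24) for a in accounts}
        self._checked_out = {}                  # account -> session id
        self.rotations = {a: 0 for a in accounts}

    def checkout(self, account, session_id) -> str:
        """Step 3: exclusive checkout; a second requester must wait."""
        if account in self._checked_out:
            raise RuntimeError(f"{account} already checked out by {self._checked_out[account]}")
        self._checked_out[account] = session_id
        return self._secrets[account]

    def checkin(self, account):
        """Step 7: check in and rotate, so the value used in the session is dead."""
        self._checked_out.pop(account)
        self._secrets[account] = secrets.token_urlsafe(24)
        self.rotations[account] += 1

    def is_checked_out(self, account) -> bool:
        return account in self._checked_out


@dataclass
class PrivilegedSession:
    id: str
    user: str
    account: str
    expires_at: datetime
    recording: list = field(default_factory=list)   # step 6: command transcript
    state: str = "open"


class JitPam:
    def __init__(self, vault, clock):
        self.vault, self.clock = vault, clock
        self.sessions = {}
        self.records = {}      # step 8: JIT access record id -> "open" / "closed"
        self._seq = 0

    def elevate(self, user, account, duration, approved_by) -> PrivilegedSession:
        """Steps 2-4: only with approval; the session manager holds the secret,
        the user never sees it (so nothing from the checkout is returned)."""
        if not approved_by:
            raise PermissionError("elevation requires an approved request")
        self._seq += 1
        sid = f"psm-{self._seq}"
        self.vault.checkout(account, sid)        # secret stays inside the PSM
        s = PrivilegedSession(sid, user, account, self.clock() + duration)
        self.sessions[sid] = s
        self.records[sid] = "open"
        return s

    def run(self, sid, command):
        """Step 5-6: every command goes through the session and into the recording."""
        s = self.sessions[sid]
        if s.state != "open" or self.clock() >= s.expires_at:
            raise PermissionError("session closed or expired")
        s.recording.append((self.clock().isoformat(), command))

    def expire(self):
        """Steps 7-8: terminate expired sessions, check in + rotate, close record."""
        closed = []
        for s in self.sessions.values():
            if s.state == "open" and self.clock() >= s.expires_at:
                s.state = "terminated"
                self.vault.checkin(s.account)
                self.records[s.id] = "closed"
                closed.append(s.id)
        return closed
```

The ordering inside `expire` matters: the session is terminated before the credential is checked in and rotated, so no command can run against the old password after rotation, and the JIT record is closed only once both have happened.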
## Workflow 4: Vendor/Third-Party JIT Access

### Steps:

1. Internal sponsor submits access request on behalf of vendor
2. Request includes: vendor identity, scope, duration, project reference
3. Dual approval required (sponsor manager + security)
4. Temporary account created with MFA enrollment
5. Access restricted to specified resources only
6. Network access limited to authorized segments
7. Session monitoring enabled
8. Account deactivated at expiration
9. Account deleted after 30-day retention period
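The temporary vendor account lifecycle of Workflow 4, as an added example that is not part of the original page or its repository. It enforces the sponsor-manager plus security dual approval, refuses use until MFA is enrolled, checks both resource scope and network segment on every access, records each decision as a monitoring event, and moves the account from deactivated to deleted after the 30-day retention period. The username format, the segment names and the decision to anchor retention to the expiry timestamp are assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

RETENTION = timedelta(days=30)     # step 9


@dataclass
class VendorAccount:
    username: str
    vendor: str
    sponsor: str
    resources: set               # step 5: explicit resource scope
    segments: set                # step 6: allowed network segments
    expires_at: datetime
    mfa_enrolled: bool = False
    state: str = "provisioned"   # provisioned -> active -> deactivated -> deleted
    deactivated_at: Optional[datetime] = None
    sessions: list = field(default_factory=list)   # step 7: monitoring events


class VendorAccess:
    def __init__(self, clock):
        self.clock = clock
        self.accounts = {}

    def create(self, vendor, sponsor, resources, segments, duration, approvals):
        """Steps 1-4: sponsor-submitted request needs sponsor's manager and security."""
        if not {"sponsor_manager", "security"} <= set(approvals):
            raise PermissionError("vendor access requires dual approval")
        a = VendorAccount(f"ext-{vendor}-{len(self.accounts) + 1}", vendor, sponsor,
                          set(resources), set(segments), self.clock() + duration)
        self.accounts[a.username] = a
        return a

    def enroll_mfa(self, username):
        """Step 4: the account becomes usable only once MFA is enrolled."""
        a = self.accounts[username]
        a.mfa_enrolled = True
        a.state = "active"

    def authorize(self, username, resource, segment) -> bool:
        """Steps 5-7: scope and segment check; every decision is recorded."""
        a = self.accounts[username]
        allowed = (a.state == "active" and a.mfa_enrolled
                   and self.clock() < a.expires_at
                   and resource in a.resources and segment in a.segments)
        a.sessions.append({"ts": self.clock().isoformat(), "resource": resource,
                           "segment": segment, "allowed": allowed})
        return allowed

    def sweep(self):
        """Steps 8-9: deactivate at expiry; delete once retention has elapsed.
        Retention is counted from the expiry time, not from when the sweep ran."""
        now = self.clock()
        changes = []
        for a in list(self.accounts.values()):
            if a.state in ("provisioned", "active") and now >= a.expires_at:
                a.state, a.deactivated_at = "deactivated", a.expires_at
                changes.append((a.username, "deactivated"))
            elif a.state == "deactivated" and now >= a.deactivated_at + RETENTION:
                a.state = "deleted"
                del self.accounts[a.username]
                changes.append((a.username, "deleted"))
        return changes
```

Keeping the deactivated account for the retention window rather than deleting it immediately preserves its identity for the audit trail; the `sessions` list stays attached to the object so a review after deactivation can still see what the vendor touched.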