Community

Blog

Common Fate

User Guide

Granted

Glide

Book a Demo

Support

Glossary

Introduction

This guide outlines the steps for deploying the Common Fate IAM platform using Terraform to your AWS environment. In this guide, you'll provisioning AWS resources, set up Single-Sign-On login, and configure DNS for your deployment.

Deploying Common Fate

A guide to identifying and resolving common errors

Troubleshooting

Offerings Overview

Identity and Access Management is a critical aspect of cloud security, and as such, security is our top priority when developing and maintaining Common Fate.

Security

Learn how to use a custom sign-in URL for your Common Fate deployment.

Custom login domain

This guide outlines the steps applying database backups for RDS and DynamoDB in Common Fate deployments.

Managing Backups

This guide will get you started using Granted to assume roles in AWS. It will take around 5 minutes to complete.

Getting Started

Run the `assume` command to assume a role with Granted.

Assuming roles

Opening the console

Headless environments

Export to ~/.aws/credentials

Export to a .env file

Granted can automatically populate your local AWS configuration file (`~/.aws/config` by default) with `granted sso generate` and `granted sso populate`.

AWS config file generation

Storing IAM credentials securely

Profile Registries

Configuration

Just-In-Time (JIT) access to roles

Automatically reassume roles (ZSH)

Cache Commands

Credential Process

Disabling usage tips

Inline Role Assumption

Using pass on Linux

Encrypting AWS SSO Tokens Using Gnome Keyring

Running Granted on Windows with WSL and VSCode

How different Assumers work in Granted

Prerequisites

Deployment setup

Running the deployment

Next steps

Providers

Concepts

Deploying PDK Providers

Access Rules

Users and Groups

Logging

Connecting to Slack

Using a custom domain

Identity provider sync configuration

Deployment tagging

Updating your deployment

Web Application Firewall (WAF) integration

Backup

Audit trail events

Deployment YAML reference

Single Sign On

AWS IAM Identity Center (Formerly Single Sign On)

Azure AD

Google Workspace

Okta

OneLogin

Filtering User and Group Imports

Updating your SSO configuration

Security Architecture

AWS Credentials

End User Guide

Migration Guide

Developing Providers

Installing the PDK CLI

Get started using the Common Fate CLI to request access.

CLI Quickstart

Requesting Access

A reference on the format for the `cf` CLI configuration file (`~/.cf/config` by default)

Config TOML reference

Learn how to access to entitlements available in Common Fate.

This guide outlines the steps for configuring the Common Fate Terraform provider.

Setup Common Fate Terraform Provider

Learn how to make entitlements available for Just-In-Time (JIT) access.

Configuring Available Entitlements

This expains how to make workflows to be used in Common Fate.

Workflows

This expains how to make Selectors to be used in Common Fate.

Selectors

Learn how to make Availabilities to be used in Common Fate.

Availabilities

An overview of Common Fate's authorization system.

Learn how to validate Common Fate authorization policies.

Validating Cedar Policies

Learn how to author Common Fate authorization policies with Visual Studio Code.

Developing with Visual Studio Code

Validate authorization policies automatically in your CI platform.

Continuous Integration

Learn how to send events from Common Fate to an external SIEM.

Events

Learn how to inspect and debug authorization events within Common Fate.

Authorization

Preview the access which is granted by your authorization policies.

Preview Access

A guide to setting up Single-Sign-On to Common Fate using Microsoft Entra.

Microsoft Entra

A guide to setting up Single-Sign-On to Common Fate using AWS IAM Identity Center.

AWS IAM Identity Center

A guide to setting up Single-Sign-On to Common Fate using Okta.

PagerDuty

OpsGenie

Setup guide for the Common Fate GCP integration.

Google Cloud

Setup guide for the Common Fate BigQuery integration.

BigQuery

Setup guide for the Common Fate AWS integration.

Setup guide for the Common Fate AWS RDS integration.

AWS RDS

Setup guide for using Common Fate to grant access to IAM Identity Center groups

AWS IAM Identity Center Groups

Setup guide for the Common Fate Entra integration.

Entra

Setup guide for the Common Fate Okta integration.

Setup guide for the Common Fate DataStax integration.

DataStax

Slack

Send webhooks based on events in Common Fate

Webhooks

This page will detail migration steps to upgrade your deployment of Common Fate to new versions.

Component	Description
Target	The resource the entitlement grants access to, such as an AWS Account or GCP Project.
Role	The permissions the entitlement grants to the target resource, such as `AdministratorAccess` or `roles/editor`.

Setup

Configuration

Authorization Policies

Observability

Identity Integrations

Access Integrations

Notification Integrations

Migration Guide

Glossary

Entitlement

Access Workflow

Entity Identifier (EID)

Core Identity

Domain Identity

Grant

Access Request

Setup

Configuration

Authorization Policies

Observability

Identity Integrations

Access Integrations

Notification Integrations

Migration Guide

​Entitlement

​Access Workflow

​Entity Identifier (EID)

​Core Identity

​Domain Identity

​Grant

​Access Request

Entitlement

Access Workflow

Entity Identifier (EID)

Core Identity

Domain Identity

Grant

Access Request