Skip to content

apandays/drs-avp-sample-app

 
 

Repository files navigation

Transmit Detection & Response <> Amazon-Verified-Permissions Integration Sample App

Screenshot 2023-05-24 at 20 49 27

Getting Started

This sample app is written in next.js, covering both client & backend side integrations.

  1. run yarn or npm i
  2. make sure you install aws-cli on your machine from this guide: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
  3. run aws configure to connect to aws with your access-key
  4. In Transmit Security Admin Portal - create a new application to get client credentials as specified here
  5. In src/utils/config.ts file (backend config) - configure your transmitClientId & transmitClientSecret from the previous step, configure your policyStoreId from AWS Verified Permissions and the relevant AWS region.
  6. run the development server:
npm run dev
# or
yarn dev

Open http://localhost:3000 with your browser to see the result.

  1. Go inside verified-permissions in aws console, create your policy store and create the two separate policies:
// Permitting any user to perform login action to any account
permit (
    principal,
    action in [Action::"login"],
    resource
);
// Permitting specific 'demo-user-id' to perform ‘withdraw’ action in specific resource account, with additional condition on Detection and Response riskScore result
permit (
    principal == User::"demo-user-id",
    action in [Action::"withdraw"],
    resource == Account::"account-demo-user-id"
) when { context.riskScore <= 66 };
  1. Go back to the application, press 'Set User', then press Login/Withdraw buttons to trigger actions and see the authorization result.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 98.0%
  • TypeScript 1.8%
  • CSS 0.2%