Confusing and misleading errors result from lack of testing and an unfriendly experience related to AWS SSO session timeout
I really don’t understand the point of the ugly link you get when an AWS SSO session times out. I understand you might want to make sure a user is still there, but many banks do this in a much more user-friendly manner.
Pop up a box asking a user if they are still there. If they click it it takes them exactly back to the spot they were at. I understand you may have some system re-design and re-architecture to figure out to support this — and securely — but the current solution is really hokey.
So many things break due to this behavior. Were you editing complicated Lambda code? Sorry, it’s gone. You’ll need to start over.
Were you trying to update a complex role? Nope that’s gone too. Start over.
Here’s another example, with pictures:
I was trying to add a new role that I had successfully created and verified existed in the IAM console and CloudFormation. When I went back to the Lambda screen it wouldn’t show up even with a refresh. I tried to go back to look at my role as I was sure I had added a proper trust policy. That’s when I figured out my SSO session had timed out.
Once I logged back in again I could see the two roles I created.
This behavior is really confusing and another example of why some aspects of IAM are still better than AWS SSO.
Teri Radichel
If you liked this story please clap and follow:
Medium: Teri Radichel or Email List: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests services via LinkedIn: Teri Radichel or IANS Research
© 2nd Sight Lab 2022
____________________________________________
Author:
Cybersecurity for Executives in the Age of Cloud on Amazon
Need Cloud Security Training? 2nd Sight Lab Cloud Security Training
Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.
Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.
Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts
