Blog
Newsletter

Community Newsletter: July 2024

Fraser Ricupero
Fraser Ricupero
July 31, 2024
Community Newsletter: July 2024

Community Newsletter: July 2024

Hey everyone! Shwetha here with the latest tech update. If you want to contribute to what we're building or would like more regular weekly updates, please join our Slack community or follow us on Twitter!

RDS access

We are excited to announce that our AWS RDS Integration is now generally available. This integration allows users to request Just-In-Time (JIT) access to RDS databases, leveraging AWS SSM to connect via the Common Fate AWS Proxy service deployed to ECS in your account.

The proxy service captures audit logs of all SQL commands executed by the user during their session which can be viewed in real-time. Want to learn more about setting up RDS access with Common Fate? Book a live demo using this link.

Cedar Terraform Provider

We have released a Cedar Terraform Provider to make authoring Cedar policies easier in Terraform. The provider allows you to write authorization policies using HCL, Terraform's configuration syntax. Please read our latest blog post here to learn more!

Insights

Common Fate now shows key metrics to measure the impact of using Just-In-Time access. Access Hours Reduction measures the risk reduction compared to persistent access. Protected Users helps you track adoption of Common Fate.

New User Directory

We have revamped how we manage users and groups in Common Fate. Users with read administrator access will now find a dedicated panel in the taskbar dedicated to the Directory.

Granted Updates

In our ongoing commitment to enhancing Granted, we're excited to share the latest updates:

AWS RDS Proxy Plugin

You can now use Granted’s AWS RDS Proxy Plugin to connect to an AWS RDS database over AWS SSM Session Manager. The connection is routed through a Common Fate AWS Proxy which captures audit logs of the SQL statements executed. The plugin uses the Common Fate control plane APIs to determine which databases a user is authorized to access, so to use this plugin a Common Fate instance is required.

Check JIT request status

You can now use granted request check to check the status of a Just-In-Time Access Request, for AWS profiles protected by Common Fate: granted request check --aws-profile Production/ViewOnlyAccess

A big shoutout to our first-time contributor:

For a comprehensive list of changes, please visit our changelog.

Your voice shapes our tools. We value your feedback, suggestions, and ideas, so please don't hesitate to get in touch.

Until next time,

The Common Fate Team

Share this post
Fraser Ricupero
Co-Founder