Quick Start

This guide provides the following sections to help you get up and running with P0:

This process takes about 15 minutes.

Prerequisites

In order to set up P0, you or a colleague must have admin privileges to:

Install a Slack App
Create roles or policies and grant privileges on at least one IAM resource (e.g., Amazon Web Services (AWS), Google Cloud, or Snowflake)

This document uses the following terms:

Requestor: Person who requests access to a resource via P0's Slack bot.
Approver: Person who approves these access requests via P0's Slack bot.

Set up an Account and an Access Approver

To create your P0 account and set up an approver to approve access requests:

Create a free P0 account at https://p0.app/create-account. All you need is an email address.
Once you've created an account, under Settings, add one or more access-request approvers.

If you want approvers to be able to approve their own requests, enable Allow one-party approvals?.

Install P0 and an IAM Resource

To install P0 and an IAM resource:

To install P0 on your Slack instance, follow the Slack set-up instructions.
To set up P0 on an IAM resource, follow one of the guides below:

☁️Google Cloud Integration Setup

📦AWS

❄️Snowflake

☸️Kubernetes

🔋PostgreSQL Integration Setup

You can use the P0 Security Command-line Interface (CLI) as an alternate method to request permissions, and then approve using the P0 website app.
P0 is in the process of adding additional IAM request methods, including a Microsoft Teams bot.

Make your First Access Request

Once you've set up P0, you can make your first access request. You can try this out entirely on your own, if you enabled one-party approvals in Set up an Account and an Access Approver above. Otherwise, grab a colleague to help you, and designate one person as the requestor and the other as the approver:

Have the requestor open Slack, navigate to the p0-requests channel, and enter /p0 request in the Slack channel:

Populate the request details. For example:
The approver should receive a Slack notification via a DM from P0 Security. Navigate to that DM chat, choose an expiration, and click Approve.
After a few moments, the access requestor will receive a notification in the p0-requests channel that access was granted.

Most IAM systems have a delay of around 10 to 30 seconds after access is configured before access propagates to the resource and usage is enabled.

Once the access propagates to the resource, the requestor can validate the access.

Access automatically ends after the expiration period is over, or when the requestor clicks the Relinquish button in their P0 DM.

What's Next

If you run into any issues, please reach out to support@p0.dev for assistance. We're here to help!

Now that you can make access requests, you can:

Add additional IAM integrations
Connect P0 to your directory
Add auto approvals
Run an IAM audit
Route, automatically approve, and automatically deny requests based on the requestor and resource

PreviousIAM Assessment NextShare P0 With Your Team

Last updated 16 days ago