P0 App Documentation
Sign up for FreeKnowledge Base
  • What Is P0?
    • πŸŽ›οΈIAM Dashboard
    • πŸ”ŽAccess Inventory
    • πŸͺ‘IAM Posture
    • ⏱️Just-In-Time Access
    • ♻️Service-Account Key Rotation
  • Getting Started
    • ⬇️Quick Start
    • 🎁Share P0 With Your Team
  • INVENTORY
    • πŸ—ΊοΈAccess Inventory
    • πŸ”¬Result Details
    • ❔Query Search
      • πŸ“–Search Reference
  • Posture
    • βš–οΈPosture Overview
  • Monitor Results
  • πŸ€”Finding Details
  • ORCHESTRATION
    • ⏰Just-in-time access
      • πŸ–οΈRequesting Access
        • πŸ‘‰For Another Party
      • 🏁Approving Access
        • Pre-approving Access
      • πŸ”€Request Routing
        • Google Cloud Filtering
        • AWS Filtering
  • Environments
    • ☁️Creating an Environment
    • πŸ““Environment Terminology
    • βš™οΈSettings
  • Integrations
    • πŸ“žNotifier integrations
      • πŸ’¬Slack
      • πŸ‘¬Microsoft Teams
      • πŸ“£Custom Notifier
    • πŸ”‘Resource integrations
      • ☁️Google Cloud
        • Requesting Access
        • Permissions Reference
          • Cloud Storage
          • Compute Engine
      • πŸ“¦AWS
        • Requesting Access
      • ☸️Kubernetes
        • Requesting Access
        • Advanced Requests
      • πŸ”‹PostgreSQL
        • Requesting Access
      • ❄️Snowflake
      • πŸ–₯️SSH
      • GitHub
        • Requesting Access
      • πŸ› οΈCustom Resource
    • πŸ‘₯Directory integrations
      • Microsoft Entra ID
        • Requesting Access
      • Google Workspace
      • Integrate P0 with Okta
    • βœ”οΈApproval integrations
      • πŸ””PagerDuty
    • πŸ”ŒSIEM Integrations
      • Splunk HEC Setup
  • P0 Management
    • 🎩Role-Based Access Control
Powered by GitBook
On this page
  • Set up an Account and an Access Approver
  • Install P0 and an IAM Resource
  • Make your First Access Request
  • What's Next
  1. Getting Started

Quick Start

PreviousService-Account Key RotationNextShare P0 With Your Team

Last updated 7 days ago

This guide provides the following sections to help you get up and running with P0's Just-in-time access:

This process takes about 15 minutes.

This document uses the following terms:

  • Requestor: Person who requests access to a resource via P0's Slack bot.

  • Approver: Person who approves these access requests via P0's Slack bot.

Set up an Account and an Access Approver

To create your P0 account and set up an approver to approve access requests:

  1. Create a free P0 account at. All you need is an email address.

  2. Set up a cloud integration through the onboarding flow (optional)

  3. Once you've completed the onboarding, under Settings, add one or more access-request approvers.

If you want approvers to be able to approve their own requests, enable Allow one-party approvals?.

Install P0 and an IAM Resource

To install P0 and an IAM resource:

  1. To set up P0 on an IAM resource, follow one of the guides below:

  • P0 is in the process of adding additional IAM request methods, including a Microsoft Teams bot.

Make your First Access Request

  1. Navigate to any page under Just-in-time https://p0.app/o/<your organization>/jit/activity and click the Request Access button in the top right

  1. Populate the request details. For example:

  1. The approver will be able to see the request under the Just-in-time Activity page under the Pending section

    After a few moments, the access requestor will receive a notification in the p0-requests channel that access was granted.

Most IAM systems have a delay of around 10 to 30 seconds after access is configured before access propagates to the resource and usage is enabled.

  1. Once the access propagates to the resource, the request will progress to the Active section.

Access automatically ends after the expiration period is over, or when the requestor clicks the Relinquish button in their P0 DM.

  1. Have the requestor open Slack, navigate to the p0-requests channel, and enter /p0 request in the Slack channel:

  1. Populate the request details. For example:

  2. The approver should receive a Slack notification via a DM from P0 Security. Navigate to that DM chat, choose an expiration, and click Approve.

    After a few moments, the access requestor will receive a notification in the p0-requests channel that access was granted.

Most IAM systems have a delay of around 10 to 30 seconds after access is configured before access propagates to the resource and usage is enabled.

  1. Once the access propagates to the resource, the requestor can validate the access.

Access automatically ends after the expiration period is over, or when the requestor clicks the Relinquish button in their P0 DM.

What's Next

Now that you can make access requests, you can:

To install P0 on your Slack instance, follow the .

You can use the (CLI) as an alternate method to request permissions, and then approve using the P0 website app.

Once you've set up P0, you can make your first access request. You can try this out entirely on your own, if you enabled one-party approvals in above. Otherwise, grab a colleague to help you, and designate one person as the requestor and the other as the approver:

If you run into any issues, please reach out to for assistance. We're here to help!

Add

Connect P0 to

Add

Run an

based on the requestor and resource

⬇️
Slack set-up instructions
☁️Google Cloud
πŸ“¦AWS
❄️Snowflake
☸️Kubernetes
πŸ”‹PostgreSQL
P0 Security Command-line Interface
support@p0.dev
additional IAM integrations
your directory
auto approvals
IAM audit
Route, automatically approve, and automatically deny requests
Set up an Account and an Access Approver
https://p0.app/create-account
Prerequisites
Set up an Account and an Access Approver
Install P0 and an IAM Resource
Make Your First Access Request