⬇️Getting Started with Just-in-Time Access
This guide provides the following sections to help you get up and running with P0's Just-in-time access:
Set up an Account and a Security Reviewer
To create your P0 account and set up an approver to approve access requests:
Create a free P0 account at https://p0.app/create-account. All you need is an email address.
Set up a cloud integration through the guided onboarding flow (select Just-in-time Access). You may skip this step and instead follow the instructions to install a resource in the next step.
Once you've completed the onboarding, under P0 Management, add one or more "Security Reviewers". Security Reviewers will be able to approve access requests.

Install P0 on an IAM Resource
If you already configured a resource as part of the guided onboarding, you may skip this step. Otherwise, you will need to install an IAM resource to which users can request Just-in-time access.
To do this, navigate to Integrations and select the integration you wish to install from the list of "Resource" integrations.

Once you have selected a resource, follow the instructions in the app to provide P0 with permissions to grant and revoke access on that resource via the IAM Management installation. For more information, follow one of the resource-specific installation guides below.
☁️Google Cloud📦AWS❄️Snowflake☸️Kubernetes🔋PostgreSQLMake your First Access Request
Once you've set up P0, you can make your first access request. You can try this out entirely on your own, if you enabled one-party approvals in Set up an Account and a Security Reviewer above. Otherwise, grab a colleague to help you, and designate one person as the requestor and the other as the approver:
Navigate to any page under Just-in-time
https://p0.app/o/<your organization>/jit/activity
and click the Request Access button in the top right

Populate the request details. For example:

The approver will be able to see the request under the Just-in-time Activity page under the Pending section
After a few moments, the access requestor will receive a notification in the p0-requests channel that access was granted.
Most IAM systems have a delay of around 10 to 30 seconds after access is configured before access propagates to the resource and usage is enabled.
Once the access propagates to the resource, the request will progress to the Active section.

What's Next
If you run into any issues, please reach out to [email protected] for assistance. We're here to help!
Now that you can make access requests, you can:
Connect P0 to your directory
Add auto approvals
Start using P0's Inventory & Posture capabilities
Route, automatically approve, and automatically deny requests based on the requestor and resource
Last updated