- Governance: Approval of workflows and version history for policies.
- Discovery: Visualize and audit policies across applications.
- Real-Time Enforcement: AVP evaluates access requests using Reva-managed policies.
- Auditability: Decision logs tracked in AWS CloudTrail.
Key Benefits
- Consistency: Enforce Reva-authored policies across all applications via AVP.
- Scalability: Handle high-volume authorization with AVP’s serverless architecture.
- Visibility: Discover and manage policies from a single interface.
Prerequisites
To run the CloudFormation Template (CFT), you need permissions for:
- CloudFormation (deploy infrastructure)
- IAM (create Reva roles/policies)
- CloudTrail & S3 (capture/store audit logs)
- EventBridge (route log events)
- SQS (temporarily store events for Reva)
- AVP (full policy store access)
Integration Steps
- Start AWS Integration
  - → In Reva: Integrations > “+ Integration” > Select “AWS”
- Configure Settings
  - Name: (e.g., “AVP Production”)
  - AWS Account: 12-digit ID (e.g., 214899999999)
  - Description: (e.g., “AVP policy management”)
  - Region: (e.g., US East (N. Virginia))
  - Policy Type: AVP
- Set Permissions
  - Read/Write: Manage policies and read logs
  - Read Only: Discover/view policies and read logs
- Save Draft
  - → Review settings before activating
- Deploy CloudFormation Template (CFT)
  - Enter your AWS Account and Region
  - Select Permission Level
  - Run CFT in your AWS account to:
    - Create IAM roles for Reva
    - Set up CloudTrail → S3 logging
    - Configure EventBridge → SQS → Reva pipeline
    - Grant AVP/SQS permissions
- Confirm successful deployment
  - After the CFT has run successfully in your AWS account, check the box to confirm it.
- Activate Integration
  - → Click “Activation”
  - → Status changes from Draft → Enabled
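One way to check, after the CFT has run, that a role deployed at the Read Only permission level grants no AVP write actions. This is an added example, not Reva's or AWS's code; the two policy documents are constructed samples rather than the policies Reva's CFT creates, and the write-action list is a chosen subset of the `verifiedpermissions` IAM actions.

```python
import fnmatch

# Subset of real IAM actions in the verifiedpermissions namespace that change
# a policy store. Chosen for this example; extend it to match your needs.
AVP_WRITE_ACTIONS = ["verifiedpermissions:" + name for name in (
    "CreatePolicy", "UpdatePolicy", "DeletePolicy",
    "CreatePolicyTemplate", "UpdatePolicyTemplate", "DeletePolicyTemplate",
    "CreatePolicyStore", "UpdatePolicyStore", "DeletePolicyStore",
    "PutSchema",
)]

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _covered(stmt):
    """AVP write actions a statement's Action/NotAction element matches."""
    negate = "NotAction" in stmt
    patterns = [p.lower() for p in _as_list(stmt.get("NotAction" if negate else "Action", []))]
    def hit(action):
        # IAM action names are case-insensitive and support * and ? wildcards.
        return any(fnmatch.fnmatchcase(action.lower(), p) for p in patterns)
    return {a for a in AVP_WRITE_ACTIONS if hit(a) != negate}

def avp_write_actions_allowed(policy_doc):
    """Return AVP write actions the policy still grants.

    Conservative: any Allow counts regardless of Resource; a Deny only
    cancels an action when it is unconditional and applies to Resource "*".
    """
    allowed, denied = set(), set()
    for stmt in _as_list(policy_doc.get("Statement", [])):
        if stmt.get("Effect") == "Allow":
            allowed |= _covered(stmt)
        elif (stmt.get("Effect") == "Deny" and "Condition" not in stmt
              and "*" in _as_list(stmt.get("Resource", []))):
            denied |= _covered(stmt)
    return sorted(allowed - denied)

# Constructed sample policies (not the ones Reva's CFT creates).
READ_ONLY_OK = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["verifiedpermissions:Get*", "verifiedpermissions:List*",
                "sqs:ReceiveMessage", "sqs:DeleteMessage"]}]}
READ_ONLY_TOO_BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "verifiedpermissions:*", "Resource": "*"},
    {"Effect": "Deny", "Action": "verifiedpermissions:Delete*", "Resource": "*"}]}

if __name__ == "__main__":
    for name, doc in (("ok", READ_ONLY_OK), ("too broad", READ_ONLY_TOO_BROAD)):
        print(name, avp_write_actions_allowed(doc))
```

An empty result means the document grants none of the listed write actions; feed it the policy documents attached to the role the CFT created to compare them against the permission level selected in Reva.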
Tip: Go to Application Onboarding Process