| CPC G06F 21/45 (2013.01) [H04L 63/0884 (2013.01); H04L 63/102 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |
|
1. A system, comprising:
a plurality of computers comprising processors and memory configured to implement one or more services of a service provider network that provide access to hosted resources;
one or more processors and memory configured to implement an identity manager configured to:
receive a request from a client to assume a temporary identity, the request comprising:
current credentials for a current identity for the client, the current credentials including a persistent source value; and
an identifier of the temporary identity;
generate, based on validation of the current credentials, a first credentials for the temporary identity, wherein the first credentials include the identifier of the temporary identity and the persistent source value; and
send, to the client, the first credentials that include the identifier of the temporary identity and the persistent source value copied from the request;
a computer of the plurality of computers hosting a given one of the resources and a logging agent, the computer configured to:
receive an access request for the given resource and comprising the first credentials;
process, based on validation of the first credentials, the access request; and
log information associated with the access request, wherein the log information includes the identifier of the temporary identity and the persistent source value.
|