| CPC H04L 63/205 (2013.01) [G06F 16/168 (2019.01); G06F 16/283 (2019.01); H04L 63/101 (2013.01)] | 20 Claims |
|
1. A method comprising:
receiving, at an access policy automation service from an access policy automation service client configured at a computing resource, service request data associated with a request for access to a data processing service, wherein the service request data indicates a denial of the request for access to the data processing service;
determining, by the access policy automation service and based on the service request data, a workflow operation associated with the request for access to the data processing service, a workflow associated with the workflow operation, the data processing service, and a user associated with the workflow, the workflow comprising a plurality of operations;
determining, by the access policy automation service and based on the user, an access envelope associated with the user, wherein the access envelope comprises one or more service permissions associated with the user;
retrieving, by the access policy automation service, the access envelope from an access envelope data store;
generating, by the access policy automation service, a service permission allowing the user to access the data processing service;
modifying, by the access policy automation service, the access envelope to include the service permission in the one or more service permissions to generate a modified access envelope; and
storing, by the access policy automation service, the modified access envelope in the access envelope data store.
|