Access AWS if Stax is unavailable

Learn what to do if Stax is unavailable and you need to access your AWS account

Article Tags
On This Page
Scenario 1: Inability to Access the Stax Console/APIScenario 2: Inability to Access the Stax Identity Broker

Stax manages your access into AWS. If Stax is unavailable, we suggest that you follow the below advice to get into your AWS accounts. The status page will be updated once Stax is operational again.


Scenario 1: Inability to Access the Stax Console/API

AWS access is managed by the Stax Identity Broker. In the event that the Stax Console and Stax API are unavailable, the Stax Identity Broker will still function. This is because the Identity Broker operates within your Security Account. It is advisable that you save the URL of the Identity Broker login page for each AWS account. The URL aligns to the following format:

https://id.security.<customer_alias>.au1.staxapp.cloud/auth/realms/master/protocol/saml/clients/<role_name>-<aws_account_id>

For example:

https://id.security.<customer_alias>.au1.staxapp.cloud/auth/realms/master/protocol/saml/clients/admin-123456789123

It should be noted that you will not be able to edit user details or create any new users whilst Stax is unavailable. You will only be able to login to AWS accounts with existing users.


Scenario 2: Inability to Access the Stax Identity Broker

In the event that the Stax Identity Broker is unavailable, you will not be able to access AWS accounts via the Stax SAML assertion method. To protect against this scenario, you can create IAM users in each account as a break glass option. It is advisable that this IAM user not be used in any other scenario.