Skip to main content

Active Sessions

The Active Sessions page shows all your currently active JIT access sessions. Each session represents a time-bound grant of access to an AWS account that was created when your request was approved. Use this page to monitor how much time remains on your sessions and to revoke access when you no longer need it.

Accessing Active Sessions

Click Active Sessions in the sidebar navigation to open the page.

Sessions Table

The table lists all your active sessions with the following columns:

ColumnDescription
AccountThe AWS account name you have access to
Permission SetThe permission set granted for this session
Granted AtThe date and time the session was created (i.e., when the request was approved)
Time RemainingA progress bar showing how much access time is left
StatusThe current session status
ActionsAvailable actions for the session

Revoking a Session

If you no longer need access before the session expires, you can voluntarily revoke it. This is a best practice for maintaining least-privilege access.

Steps to Revoke

  1. Find the session you want to end in the Active Sessions table.
  2. Click the Revoke action button in the Actions column.
  3. A confirmation dialog appears showing:
    • A warning that revoking the session will immediately remove your access
    • Session details (account, permission set, time remaining)
    • An optional Reason field where you can explain why you are revoking early
  4. Click Confirm Revoke to end the session.
warning

Revoking a session is immediate and irreversible. Once revoked, your access to the AWS account is removed. You will need to submit a new request if you need access again.

When to Revoke

Consider revoking a session when:

  • You have completed the task that required access
  • You requested a longer duration than you actually needed
  • Your work scope has changed and you no longer need the permissions
  • A security concern requires you to relinquish access immediately

Next Steps