If you already have AWS integrated with Vanta, you have the ability to allow Vanta to read resources from the Identity Store.
First, you will need to update the permissions of your "VantaAdditionalPermissions" policy in AWS. The following permissions need to be added to the policy:
"identitystore:Describe*",
"identitystore:Get*",
"identitystore:IsMemberInGroups",
"identitystore:List*"
You can add these in the "Allow" section of your VantaAdditionalPermissions policy.
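As an added illustration (not part of the original article or of Vanta's own tooling), the following Python merges the four Identity Store permissions above into an existing policy document without duplicating actions already present, and checks that each added action is read-only. The existing policy content is a constructed sample; the real VantaAdditionalPermissions policy will contain different actions.

```python
import copy
import json

# The four permissions from the article; all of them only read.
IDENTITY_STORE_ACTIONS = [
    "identitystore:Describe*",
    "identitystore:Get*",
    "identitystore:IsMemberInGroups",
    "identitystore:List*",
]

# Verbs that only read; used to confirm the policy change grants no write access.
READ_ONLY_PREFIXES = ("Describe", "Get", "List", "Is")


def is_read_only(action: str) -> bool:
    """True if an action such as 'identitystore:List*' only reads."""
    _, _, verb = action.partition(":")
    return verb.startswith(READ_ONLY_PREFIXES)


def add_identity_store_permissions(policy: dict) -> dict:
    """Return a copy of `policy` whose first Allow statement also grants
    the Identity Store read actions. Existing actions are kept and
    duplicates are skipped, so running this twice is harmless."""
    new_policy = copy.deepcopy(policy)
    for stmt in new_policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt["Action"]
        if isinstance(actions, str):  # IAM allows a bare string here
            actions = [actions]
        for action in IDENTITY_STORE_ACTIONS:
            if action not in actions:
                actions.append(action)
        stmt["Action"] = sorted(actions)
        return new_policy
    raise ValueError("policy has no Allow statement to extend")


# Constructed sample of an existing policy document (not Vanta's real one).
EXISTING_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow",
                   "Action": ["identitystore:Get*", "sso:ListInstances"],
                   "Resource": "*"}],
}

if __name__ == "__main__":
    print(json.dumps(add_identity_store_permissions(EXISTING_POLICY), indent=2))
```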
After the policy has been updated, navigate to the Integrations page and select Manage > Edit on the AWS integration.
Select the pencil icon next to your account.
Enable the AWS IAM Identity Center option.
You will find the Identity Store ID and IAM Identity Center ARN on the Settings page of IAM Identity Center in the AWS console.