IAM Identity Center (SSO)
Connect an existing directory or use the built-in Identity Center directory to manage user access to AWS accounts and cloud applications.
Centrally managed SSO to access multiple accounts and 3rd-party business applications.
Integrates with OUs and supports SAML 2.0 and AD.
Centralized permissions and CloudTrail audit.
AWS Organization
AWS IAM
A two-way trust relationship is needed between AWS Managed Microsoft AD and a self-managed AD for users to sign in with their corporate credentials to AWS services.
Permission set: a set of one or more IAM policies assigned to users and groups to define AWS access.