IAM Identity Center (SSO)

IAM Identity Center (SSO)

connect an existing directory or use the built-in Identity Center directory to manage user access to AWS accounts and cloud application.

• Centrally managed SSO to access multiple accounts and 3rd-party business applications.

• Integrated with OU and supports SAML 2.0 and AD.

• Centrallized permission and CloudTrail audit.

Related services

• AWS Organization

• AWS IAM

Trivia

• A two-way trust relationship is needed between AWS Managed Microsoft AD and a self-managed AD for users to sign in with their corporate credentials to AWS services.

Concepts

• Permission set: a set of one or more IAM policies assigned to users and groups to define AWS access.