IAM Identity Center (SSO)

Connect an existing directory or use the built-in Identity Center directory to manage user access to AWS accounts and cloud applications.

  • Centrally managed SSO to access multiple accounts and 3rd-party business applications.

  • Integrates with OUs and supports SAML 2.0 and AD.

  • Centralized permissions and CloudTrail auditing.

  • AWS Organizations

  • AWS IAM

Trivia

  • A two-way trust relationship is needed between AWS Managed Microsoft AD and a self-managed AD for users to sign in with their corporate credentials to AWS services.

Concepts

  • Permission set: a set of one or more IAM policies assigned to users and groups to define AWS access.
