IAM Identity Center (SSO)

IAM Identity Center (SSO)

connect an existing directory or use the built-in Identity Center directory to manage user access to AWS accounts and cloud application.

Centrally managed SSO to access multiple accounts and 3rd-party business applications.
Integrated with OU and supports SAML 2.0 and AD.
Centrallized permission and CloudTrail audit.

AWS Organization
AWS IAM

Trivia

A two-way trust relationship is needed between AWS Managed Microsoft AD and a self-managed AD for users to sign in with their corporate credentials to AWS services.

Concepts

Permission set: a set of one or more IAM policies assigned to users and groups to define AWS access.

PreviousPassRole NextOrganizations

Last updated 1 year ago