AWS IAM Identity Center with Jo Peterson
Single sign-on is table stakes today. However, you still need to think about how you'll enable this expected feature in applications and infrastructure.
AWS IAM Identity Center (Successor to AWS Single Sign-On)
This is one of 7 tools in the Identity and Access category.
What is it?
A tool that centrally manages workforce access to multiple AWS accounts and applications.
How does it work?
AWS IAM Identity Center (successor to AWS Single Sign-On) helps you securely create or connect your workforce identities and manage their access centrally across AWS accounts and applications. IAM Identity Center is the recommended approach for workforce authentication and authorization on AWS for organizations of any size and type.
What are a few use cases for the tool?
Enable multi-account access to your AWS accounts
Your users can use their directory credentials for single sign-on access to multiple AWS accounts. Their personalized web user portal shows their assigned roles in AWS accounts in one place. Users can also use single sign-on through the AWS Command Line Interface (CLI), AWS SDKs, or AWS Console Mobile Application with their directory credentials for a consistent authentication experience.
Enable single sign-on access to your AWS applications
IAM Identity Center is integrated with applications such as Amazon SageMaker Studio, AWS Systems Manager Change Manager, and AWS IoT SiteWise for zero-configuration authentication and authorization. These integrated applications share a consistent view of users and groups for resource sharing and collaboration, all within the application.
Enable single sign-on access to Amazon EC2 Windows instances
Securely access your Amazon EC2 Windows instances with existing corporate user names, passwords, and MFA devices. You are not required to share administrator credentials, access credentials multiple times, or configure remote access client software. You can centrally grant and revoke access to your EC2 Windows instances at scale across multiple AWS accounts.
Enable single sign-on access to cloud-based applications
You can more easily configure single sign-on access to applications that support SAML 2.0 using the IAM Identity Center application configuration wizard. IAM Identity Center also provides preconfigured settings for many cloud applications, including Salesforce, Box, and Microsoft 365.