AWS Single Sign-On
source link: https://aws.amazon.com/single-sign-on/?nc2=h_ql_prod_se_sso
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Workforce Identity Service
Learn About AWS Pricing
AWS Free Tier
AWS Pricing Calculator
Optimize Your Costs
Documentation
AWS Customer Enablement
AWS Support
AWS Professional Services
AWS IQ
AWS Training and Certification
AWS Managed Services
AWS re:Post
AWS Events and Webinars
AWS Summit Online
AWS Innovate Online Conference
Online Tech Talks
Public Sector Events
AWS Training and Certification Events and Webinars
AWS Single Sign-On (AWS SSO) is where you create, or connect, your workforce identities in AWS once and manage access centrally across your AWS organization. You can choose to manage access just to your AWS accounts or cloud applications. You can create user identities directly in AWS SSO, or you can bring them from your Microsoft Active Directory or a standards-based identity provider, such as Okta Universal Directory or Azure AD. With AWS SSO, you get a unified administration experience to define, customize, and assign fine-grained access. Your workforce users get a user portal to access all of their assigned AWS accounts, Amazon EC2 Windows instances, or cloud applications. AWS SSO can be flexibly configured to run alongside or replace AWS account access management via AWS IAM.
It’s easy to get started with AWS SSO. With just a few clicks in the management console, you can connect AWS SSO to your existing identity source and configure permissions that grant users access to their assigned AWS accounts, cloud applications, and other SAML-based applications that you add to AWS SSO.
Benefits
Central place to create or connect your identities
You have the option to create your users' identities and groups in AWS SSO. Or, you can connect to your existing users and groups from Microsoft Active Directory Domain Services, Okta Universal Directory, Azure AD, or another standards-based identity provider. In either case, you manage and authenticate users where you want and AWS SSO authorizes access to the AWS accounts, cloud applications, and other SAML-based applications that you add to AWS SSO.
Manage access to multiple AWS accounts from one place
With AWS Organizations integration, AWS SSO enables you to manage access across multiple accounts with no additional setup within individual accounts. You can assign user permissions based on common job functions, customize them to meet your specific security requirements, and assign fine-grained permissions within the specific accounts where they need access. AWS SSO also allows you to utilize user attributes, such as cost center, title, or locale, for attribute-based access control (ABAC).
Use Cases
Featured customers
Invenia is a cloud-based machine learning platform that uses big, high frequency data to solve complex energy intelligence problems in real-time. As a cloud-based business ourselves, we rely extensively on AWS and a number of SaaS-based applications, but didn't like the security and compliance risks associated with managing end-user credentials to so many independent systems. Deploying AWS SSO allowed us to provide access to those same applications, but using our existing corporate credentials instead, and without any of the hassle of managing a traditional SSO solution - Brilliant!
- Sascha McDonald, Head of Architecture and Operations, Invenia
Syncron is a provider of cloud-based after-sales service solutions focused on empowering the world’s leading manufacturers to maximize product uptime and deliver exceptional customer experiences. As a cloud-based business, we're very mindful of the productivity disruptions and security challenges that can arise when users are overloaded with unique credentials. With AWS SSO, we can quickly and easily connect users into AWS using their normal enterprise credentials – allowing us to focus on continuing to deliver exceptional services to our customers instead of managing the lifecycle of users’ credentials in our AWS multi-account structure.
- Richard Barkestam, CTO, Syncron
Featured Security Competency Partners
The AWS Competency Program is designed to identify, validate, and promote AWS Partner Network (APN) Advanced and Premier Tier Partners with demonstrated AWS technical expertise and proven customer success. To learn more, see the AWS Competency Program.
Okta is the identity company that stands for trust.
OneLogin is a leading cloud identity management company, enabling enterprises to secure connections across all users and all devices.
Ping Identity provides secure, seamless access to apps and resources from anywhere and is trusted by over half of the Fortune 100.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK