Difference between revisions of "AWS IAM Identity Center"
↑ https://aws.amazon.com/about-aws/whats-new/2022/07/aws-single-sign-on-aws-sso-now-aws-iam-identity-center/
(19 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[wikipedia:AWS IAM Identity Center]] ([[AWS timeline|Jul 2022]]) <ref>https://aws.amazon.com/about-aws/whats-new/2022/07/aws-single-sign-on-aws-sso-now-aws-iam-identity-center/</ref> (previously [[AWS Single Sign-On]]) | [[wikipedia:AWS IAM Identity Center]] ([[AWS timeline|Jul 2022]]) <ref>https://aws.amazon.com/about-aws/whats-new/2022/07/aws-single-sign-on-aws-sso-now-aws-iam-identity-center/</ref> (previously [[AWS Single Sign-On]]) | ||
* https://aws.amazon.com/iam/identity-center/ | * https://aws.amazon.com/iam/identity-center/ | ||
+ | * Pricing: Free of charge | ||
+ | |||
+ | * Enable multi-account access to your AWS accounts | ||
+ | * Enable [[single sign-on]] access to your AWS applications | ||
+ | * Enable [[single sign-on]] access to Amazon EC2 Windows instances | ||
+ | |||
+ | == Commands == | ||
+ | * <code>[[aws sts get-session-token]]</code> | ||
+ | * <code>[[aws sts assume-role]]</code> | ||
+ | |||
+ | == [[Terraform resources]] == | ||
+ | * <code>[[aws_identitystore_user]]</code> | ||
+ | * <code>[[aws_identitystore_group]]</code> | ||
== Related == | == Related == | ||
* [[Okta]] https://www.okta.com/blog/2020/05/how-okta-aws-iam-identity-center-simplifies-admin-and-adds-cli-support/ | * [[Okta]] https://www.okta.com/blog/2020/05/how-okta-aws-iam-identity-center-simplifies-admin-and-adds-cli-support/ | ||
* [[JumpCloud]] | * [[JumpCloud]] | ||
− | * <code>[[SCIM]]</code> protocol | + | * <code>[[SCIM]]</code> protocol, [[Created by SCIM]] |
− | |||
− | |||
* [[Permission sets]]: <code>[[AdministratorAccess]], [[PowerUserAccess]]</code> | * [[Permission sets]]: <code>[[AdministratorAccess]], [[PowerUserAccess]]</code> | ||
* <code>[[aws_ssoadmin_permission_set]]</code> | * <code>[[aws_ssoadmin_permission_set]]</code> | ||
* [[Maximum session duration]], up to 7 days or custom duration. | * [[Maximum session duration]], up to 7 days or custom duration. | ||
− | * [[aws | + | * [[AWS access portal]]: |
+ | * <code>[[aws sso-admin]]</code> | ||
+ | * [[ssoins]] | ||
+ | * <code>[[AdministratorAccess]]</code> | ||
+ | * <code>[[arn:aws:sso:::permissionSet]]</code> | ||
+ | * [[AWS Verified Access]] (2023) | ||
== Activities == | == Activities == | ||
− | * | + | * [[Configure the AWS CLI to use AWS IAM Identity Center]]. See also: [[AWS SSO token provider configuration]] https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html |
+ | * [[How to use Google Workspace as an external identity provider for AWS IAM Identity Center]] | ||
== See also == | == See also == | ||
+ | * {{aws sts}} | ||
* {{identitystore}} | * {{identitystore}} | ||
* {{AWS SSO}} | * {{AWS SSO}} |
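Review bot: The new Commands section lists only `aws sts get-session-token` and `aws sts assume-role`, while the Identity Center CLI entry this revision adds, `aws sso-admin`, is placed in Related after the "AWS access portal:" bullet. Consider listing `aws sso-admin` under Commands so that section names the service's own CLI. In Related, the entries following "AWS access portal:" (`aws sso-admin`, `ssoins`, `AdministratorAccess`, `arn:aws:sso:::permissionSet`) are at the same list level as that bullet although its trailing colon suggests they are children, and `AdministratorAccess` now appears twice (it is already on the Permission sets line); nest the children one level deeper and drop the duplicate.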
Latest revision as of 14:29, 4 July 2024
wikipedia:AWS IAM Identity Center (Jul 2022) [1] (previously AWS Single Sign-On)
- https://aws.amazon.com/iam/identity-center/
- Pricing: Free of charge
- Enable multi-account access to your AWS accounts
- Enable single sign-on access to your AWS applications
- Enable single sign-on access to Amazon EC2 Windows instances
Commands
Terraform resources
Related
- Okta https://www.okta.com/blog/2020/05/how-okta-aws-iam-identity-center-simplifies-admin-and-adds-cli-support/
- JumpCloud
- SCIM protocol, Created by SCIM
- Permission sets: AdministratorAccess, PowerUserAccess
- aws_ssoadmin_permission_set
- Maximum session duration, up to 7 days or custom duration.
- AWS access portal:
- aws sso-admin
- ssoins
- AdministratorAccess
- arn:aws:sso:::permissionSet
- AWS Verified Access (2023)
Activities
- Configure the AWS CLI to use AWS IAM Identity Center. See also: AWS SSO token provider configuration https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
- How to use Google Workspace as an external identity provider for AWS IAM Identity Center
See also
- AWS STS (sts:), aws sts [ get-session-token | get-caller-identity | assume-role | assume-role-with-web-identity | assume-role-with-saml | get-access-key-info ]
- AWS IAM Identity Center: aws identitystore [ create-user | create-group | list-groups | list-users ], Permission sets
- AWS IAM Identity Center, AWS SSO, aws sso, AWS access portal, aws_ssoadmin_permission_set, arn:aws:sso
- IAM: AWS IAM Identity Center, AWS Identity and Access Management, Google Cloud IAM, Azure IAM, SailPoint, CyberArk, CIAM, ForgeRock, iam:ChangePassword, aws iam, AdministratorAccess, Context keys, IAM Access Analyzer, AWS policy, AWS managed policies, IAMUserChangePassword, AWS Roles, List of AWS policies, Resource-based policy, aws-iam-authenticator, IRSA, RDS Authentication, AccessDenied, AWS Authentication, AWS IAM external access analyzer