Difference between revisions of "AWS IAM Identity Center"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/about-aws/whats-new/2022/07/aws-single-sign-on-aws-sso-now-aws-iam-identity-center/
| (22 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[wikipedia:AWS IAM Identity Center]] ([[AWS timeline|Jul 2022]]) <ref>https://aws.amazon.com/about-aws/whats-new/2022/07/aws-single-sign-on-aws-sso-now-aws-iam-identity-center/</ref> (previously [[AWS Single Sign-On]]) | [[wikipedia:AWS IAM Identity Center]] ([[AWS timeline|Jul 2022]]) <ref>https://aws.amazon.com/about-aws/whats-new/2022/07/aws-single-sign-on-aws-sso-now-aws-iam-identity-center/</ref> (previously [[AWS Single Sign-On]]) | ||
* https://aws.amazon.com/iam/identity-center/ | * https://aws.amazon.com/iam/identity-center/ | ||
| + | * Pricing: [[Free of charge]] | ||
| + | |||
| + | Supported identity source: | ||
| + | * External identity provider | ||
| + | * [[Active Directory]] | ||
| + | * [[Identity Center directory]] (free of charge, default) | ||
| + | |||
| + | |||
| + | |||
| + | * Enable multi-account access to your AWS accounts | ||
| + | * Enable [[single sign-on]] access to your AWS applications | ||
| + | * Enable [[single sign-on]] access to Amazon EC2 Windows instances | ||
== Commands == | == Commands == | ||
| − | * <code>[[aws | + | * <code>[[aws sso login]]</code> |
| + | * <code>[[aws configure sso]]</code> | ||
* <code>[[aws sts assume-role]]</code> | * <code>[[aws sts assume-role]]</code> | ||
| + | * <code>[[aws sts get-session-token]]</code> Only valid for [[IAM users]] | ||
== [[Terraform resources]] == | == [[Terraform resources]] == | ||
| Line 17: | Line 31: | ||
* <code>[[aws_ssoadmin_permission_set]]</code> | * <code>[[aws_ssoadmin_permission_set]]</code> | ||
* [[Maximum session duration]], up to 7 days or custom duration. | * [[Maximum session duration]], up to 7 days or custom duration. | ||
| − | * [[AWS access portal]]: | + | * [[AWS access portal]]: https://d-xxxxxxxxxx.awsapps.com/start |
| + | * <code>[[aws sso-admin]]</code> | ||
| + | * [[ssoins]] | ||
| + | * <code>[[AdministratorAccess]]</code> | ||
| + | * <code>[[arn:aws:sso:::permissionSet]]</code> | ||
| + | * [[AWS Verified Access]] (2023) | ||
| + | * [[Organization instances of IAM Identity Center]] | ||
== Activities == | == Activities == | ||
* [[Configure the AWS CLI to use AWS IAM Identity Center]]. See also: [[AWS SSO token provider configuration]] https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html | * [[Configure the AWS CLI to use AWS IAM Identity Center]]. See also: [[AWS SSO token provider configuration]] https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html | ||
| + | * [[How to use Google Workspace as an external identity provider for AWS IAM Identity Center]] | ||
| + | * [[Multi-factor authentication for Identity Center users]] | ||
== See also == | == See also == | ||
| − | * {{aws | + | * {{aws sso login}} |
| + | * {{aws sso}} | ||
* {{identitystore}} | * {{identitystore}} | ||
* {{AWS SSO}} | * {{AWS SSO}} | ||
| − | * {{AWS IAM}} | + | * {{AWS IAM Identity Center}} |
| + | * {{AWS users}} | ||
[[Category:AWS]] | [[Category:AWS]] | ||
Latest revision as of 08:40, 30 January 2025
wikipedia:AWS IAM Identity Center (Jul 2022) [1] (previously AWS Single Sign-On)
Supported identity source:
- External identity provider
- Active Directory
- Identity Center directory (free of charge, default)
- Enable multi-account access to your AWS accounts
- Enable single sign-on access to your AWS applications
- Enable single sign-on access to Amazon EC2 Windows instances
Commands[edit]
aws sso loginaws configure ssoaws sts assume-roleaws sts get-session-tokenOnly valid for IAM users
Terraform resources[edit]
Related[edit]
- Okta https://www.okta.com/blog/2020/05/how-okta-aws-iam-identity-center-simplifies-admin-and-adds-cli-support/
- JumpCloud
SCIMprotocol, Created by SCIM- Permission sets:
AdministratorAccess, PowerUserAccess aws_ssoadmin_permission_set- Maximum session duration, up to 7 days or custom duration.
- AWS access portal: https://d-xxxxxxxxxx.awsapps.com/start
aws sso-admin- ssoins
AdministratorAccessarn:aws:sso:::permissionSet- AWS Verified Access (2023)
- Organization instances of IAM Identity Center
Activities[edit]
- Configure the AWS CLI to use AWS IAM Identity Center. See also: AWS SSO token provider configuration https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
- How to use Google Workspace as an external identity provider for AWS IAM Identity Center
- Multi-factor authentication for Identity Center users
See also[edit]
aws sso login, ~/.aws/sso/cache- AWS SSO:
aws sso,aws sso login,aws sso list-accounts,aws-sso-util, aws sso-admin - AWS IAM Identity Center:
aws identitystore [ create-user | create-group | list-groups | list-users ], Permission sets - AWS IAM Identity Center, AWS SSO,
aws sso, AWS access portal,aws_ssoadmin_permission_set, arn:aws:sso - AWS IAM Identity Center,
aws identitystore, AWS Identity Center directory, SSO - AWS users: AWS IAM users and/or Identity Center users
Advertising:
