Posted On: Nov 24, 2021

AWS Single Sign-On (AWS SSO) is now in scope for AWS SOC 1 , SOC 2, and SOC 3 reports. You can now use AWS SSO in applications requiring audited evidence of the controls in our System and Organization Controls (SOC) reporting. For example, if you use AWS to manage access to accounts and applications, you can use the SOC reports to help meet your compliance requirements for those use cases.  AWS SOC reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives.

AWS SSO is where you create, or connect, your workforce identities in AWS once and manage access centrally across your AWS organization. You can choose to manage access just to your AWS accounts or cloud applications. You can create user identities directly in AWS SSO, or you can bring them from your Microsoft Active Directory or a standards-based identity provider, such as Okta Universal Directory or Azure AD. With AWS SSO, you get a unified administration experience to define, customize, and assign fine-grained access. Your workforce users get a user portal to access all of their assigned AWS accounts or cloud applications. AWS SSO can be flexibly configured to run alongside or replace AWS account access management via AWS IAM. To get started with AWS SSO, please see the AWS SSO product page and service documentation.

You can download the AWS SOC reports in AWS Artifact. To learn more, you can go to the AWS Services in Scope by Compliance Program webpage to see a full list of services covered by each compliance program and read our blog post about the Fall 2021 SOC reports.