Posted On: Nov 10, 2021
Customers can now connect their JumpCloud Directory Platform (JumpCloud) to Amazon Web Services Single Sign-On (SSO) once, manage access to AWS centrally in AWS SSO, and enable end users to sign in using JumpCloud to access all their assigned AWS accounts. The integration helps customers simplify AWS access management across multiple accounts while maintaining familiar JumpCloud experiences for administrators who manage identities, and for end users as they sign in. AWS SSO and JumpCloud use standards-based automation to provision users and groups into AWS SSO, enabling customers to save administration time and increase security.
The interoperability of AWS SSO and JumpCloud enables administrators to assign users and groups access centrally to their AWS Organizations accounts and AWS SSO integrated applications. This makes it easier for an AWS administrator to manage access to AWS and confirm whether JumpCloud users have the right access to the right AWS accounts. Ongoing management is also simplified. For example, when using group assignments, JumpCloud administrators can grant or remove AWS account access by adding or removing users from a JumpCloud group.
AWS SSO and JumpCloud use the System for Cross-domain Identity Management (SCIM) standard to automate the process of provisioning users and groups into AWS SSO. AWS SSO also authenticates JumpCloud users to their assigned AWS accounts through the Security Assertion Markup Language (SAML 2.0) standard. To configure the SCIM and SAML connections, administrators can use the AWS SSO Connector available in JumpCloud Application Catalog.
Your end users get their familiar JumpCloud sign-in experience including MFA and central access to all of their assigned AWS accounts, including those created with AWS Control Tower account factory. In addition, your users can use their JumpCloud credentials to sign in to the AWS Management Console, AWS Command Line Interface (CLI), AWS Console Mobile Application, and AWS integrated services, including AWS IoT SiteWise Monitor and Amazon SageMaker Notebooks.
It is straightforward to get started with AWS SSO. With just a few clicks in the AWS SSO management console, you can choose AWS SSO, Active Directory, or an external identity provider, now including JumpCloud, as your identity source. Your users sign in with the convenience of their familiar sign-in experience and get single-click access to all their assigned accounts from the AWS SSO user portal. To learn more, please visit AWS Single Sign-On. To connect JumpCloud to AWS SSO as an external identity provider, please see the AWS SSO documentation.
There is no cost for AWS SSO, and it is available in the US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), Asia Pacific (Singapore), Asia Pacific (Mumbai), Asia Pacific (Sydney), Asia Pacific (Seoul), Asia Pacific (Tokyo), EU (Ireland), EU (Frankfurt), EU (London), EU (Paris), EU (Stockholm), AWS GovCloud (US-West) and South America (São Paulo) Regions.