Posted On: Jul 26, 2022

AWS Single Sign-On (AWS SSO) is now AWS IAM Identity Center. It is where you create, or connect, your workforce users once and centrally manage their access to multiple AWS accounts and applications. You can create user identities directly in IAM Identity Center, or you can connect your existing identity source, including Microsoft Active Directory and standards-based identity providers, such as Okta Universal Directory or Azure AD. You can choose to manage access just to AWS accounts, just to cloud applications, or to both. Your users can utilize their existing credentials for one-click access to their assigned AWS accounts, AWS applications, like Amazon SageMaker Studio, and other standards-based cloud applications, like Salesforce, Box, and Microsoft 365.

For current AWS SSO customers, there is no change to how you centrally manage access to multiple AWS accounts or applications. The name change reflects the service capabilities, foundation in AWS Identity and Access Management (IAM), and role as the central place to manage access across AWS. For customers who are new to IAM Identity Center, it is the recommended front door into AWS for your workforce. If you already use IAM, you can configure IAM Identity Center to run alongside it and gradually shift to the centralized sign-in and access management capabilities of IAM Identity Center.

IAM Identity Center builds on the per-account access management capabilities of IAM and the multi-account governance capabilities of AWS Organizations. This foundation enables IAM Identity Center to manage workforce sign-in and fine-grained access to all accounts in an AWS Organization, as well as the flexibility to be administered safely from a member account in the AWS Organization.

IAM Identity Center supports various security standards and compliance certifications found here. It is available in 21 regions globally: US East (Ohio, N. Virginia), US West (Oregon), Asia Pacific (Hong Kong, Mumbai, Osaka, Seoul, Singapore, Sydney, Tokyo), Canada (Central), Europe (Frankfurt, Ireland, London, Milan, Paris, Stockholm), Middle East (Bahrain), South America (São Paulo) and AWS GovCloud (US).

To learn more about IAM Identity Center and get started, visit the launch blog, the webpage for IAM Identity Center (successor to AWS SSO), the AWS Region Availability pages, and the AWS GovCloud (US) page.