AWS Security Blog

Category: AWS Single Sign-On (SSO)

On-Demand SCIM provisioning of Azure AD to AWS SSO with PowerShell

February 14, 2022: We updated this post to include a link to an updated version of this solution in the Prerequisites section. July 6, 2021: We updated this post to remove the user requirement to trigger the API endpoint because authentication is performed by application permissions. January 8, 2021: We updated this post to reflect […]

Read More

Get ready for upcoming changes in the AWS Single Sign-On user sign-in process

October 21, 2020: This post has been updated to reflect the change in date for updates to AWS SSO sign-in process from early October to early November. To improve security, enhance user experience, and address compatibility with future AWS Identity changes, AWS Single Sign-On (SSO) is making changes to the sign-in process that will affect […]

Read More

How to use G Suite as an external identity provider for AWS SSO

May 4, 2021: AWS Single Sign-On (SSO) currently does not support G Suite as an identity provider for automatic provisioning of users and groups, or the open source ssosync project, available on Github. January 11, 2021: This post has been updated to reflect changes to the G Suite user interface. August 3, 2020: This post […]

Read More

How to enable secure access to Kibana using AWS Single Sign-On

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Note from March 18, 2020: The Amazon ES domain no longer has to match the Amazon Cognito domain name, and we’ve updated this blog to reflect that change. Note from August 22, 2019: Thanks to a customer providing feedback, we fixed […]

Read More

How to create and manage users within AWS Single Sign-On

AWS Single Sign-On (AWS SSO) is a cloud service that allows you to grant your users access to AWS resources, such as Amazon EC2 instances, across multiple AWS accounts. By default, AWS SSO now provides a directory that you can use to create users, organize them in groups, and set permissions across those groups. You […]

Read More

How to retrieve short-term credentials for CLI use with AWS Single Sign-on

May 23, 2022: This blog post is out of date. Please refer here for current info: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html Today, AWS made it easier to use the AWS Command Line Interface (CLI) to manage services in your AWS accounts. Now you can sign into the AWS Single Sign-On (AWS SSO) user portal using your existing corporate credentials, […]

Read More

Introducing AWS Single Sign-On

Today, AWS introduced AWS Single Sign-On (AWS SSO), a service that makes it easy for you to centrally manage SSO access to multiple AWS accounts and business applications. AWS SSO provides a user portal so that your users can find and access all of their assigned accounts and applications from one place, using their existing […]

Read More