AWS Security Blog

Tag: AWS SSO

On-Demand SCIM provisioning of Azure AD to AWS SSO with PowerShell

In this post, I will demonstrate how you can use a PowerShell script to initiate an on-demand synchronization between Azure Active Directory and AWS Single Sign-On (AWS SSO) and avoid the default 40-minute synchronization schedule between both identity providers. This solution helps enterprises quickly synchronize changes made to users, groups, or permissions within Azure AD […]

Read More

Get ready for upcoming changes in the AWS Single Sign-On user sign-in process

To improve security, enhance user experience, and address compatibility with future AWS Identity changes, AWS Single Sign-On (SSO) is making changes to the sign-in process that will affect some AWS SSO customers. The changes will go into effect globally in early October 2020. The AWS SSO sign-in pages are moving to a new top-level DNS […]

Read More

How to use G Suite as an external identity provider for AWS SSO

August 3, 2020: This post has been updated to include some additional information about managing users and permissions. Do you want to control access to your Amazon Web Services (AWS) accounts with G Suite? In this post, we show you how to set up G Suite as an external identity provider in AWS Single Sign-On […]

Read More

How to enable secure access to Kibana using AWS Single Sign-On

Note from March 18, 2020: The Amazon ES domain no longer has to match the Amazon Cognito domain name, and we’ve updated this blog to reflect that change. Note from August 22, 2019: Thanks to a customer providing feedback, we fixed a problem with the syntax of a command. Amazon Elasticsearch Service (Amazon ES) is a […]

Read More

Add a layer of security for AWS SSO user portal sign-in with context-aware email-based verification

If you’re an IT administrator of a growing workforce, your users will require access to a growing number of business applications and AWS accounts. You can use AWS Single Sign-On (AWS SSO) to create and manage users centrally and grant access to AWS accounts and business applications, such as such Salesforce, Box, and Slack. When […]

Read More

How to create and manage users within AWS Single Sign-On

AWS Single Sign-On (AWS SSO) is a cloud service that allows you to grant your users access to AWS resources, such as Amazon EC2 instances, across multiple AWS accounts. By default, AWS SSO now provides a directory that you can use to create users, organize them in groups, and set permissions across those groups. You […]

Read More

How to retrieve short-term credentials for CLI use with AWS Single Sign-on

Today, AWS made it easier to use the AWS Command Line Interface (CLI) to manage services in your AWS accounts. Now you can sign into the AWS Single Sign-On (AWS SSO) user portal using your existing corporate credentials, choose an AWS account and a specific permission set, and get temporary credentials to manage your AWS […]

Read More

Introducing AWS Single Sign-On

Today, AWS introduced AWS Single Sign-On (AWS SSO), a service that makes it easy for you to centrally manage SSO access to multiple AWS accounts and business applications. AWS SSO provides a user portal so that your users can find and access all of their assigned accounts and applications from one place, using their existing […]

Read More