AWS Security Blog

Tag: SAML

AWS IAM Sessions at re:Invent 2015

As I said last week, the breakout sessions for the Security & Compliance track have been announced and are shown in the re:Invent 2015 session catalog. If you are going to re:Invent 2015, you can add these sessions to your schedule now. Today, I will highlight the AWS Identity and Access Management (IAM) sessions that […]

Read More

How to Implement a General Solution for Federated API/CLI Access Using SAML 2.0

Important note from July 18, 2019: The original version of this blog uses Python2.x scripts. We now have Python3.x scripts that you can download here: Form-based authentication version of the Python3.x script AD FS 3.0-specific version of the Python3.x script Note from May 24, 2019: The features and services described in this post have changed since […]

Read More

How to Implement Federated API and CLI Access Using SAML 2.0 and AD FS

Important note from July 18, 2019: The original version of this blog uses Python2.x scripts. We now have a Python3.x script that you can download here: Python3.x script Note from May 24, 2019: The features and services described in this post have changed since the post was published and the procedures described might be out […]

Read More

New Whitepaper—Single Sign-On: Integrating AWS, OpenLDAP, and Shibboleth

The newly released whitepaper, Single Sign-On: Integrating AWS, OpenLDAP, and Shibboleth, will help you integrate your existing LDAP-based user directory with AWS. When you integrate your existing directory with AWS, your users can access AWS by using their existing credentials. This means that your users don’t need to maintain yet another user name and password […]

Read More

Easier Role Selection for SAML-Based Single Sign-On

At the end of 2013, we introduced single sign-on to the AWS Management Console using the Security Assertion Markup Language (SAML) 2.0. This enables you to use your organization’s existing identity system to sign in to the console without having to provide AWS credentials. Today we’re happy to announce that, in response to your feedback, […]

Read More

How to Use Shibboleth for Single Sign-On to the AWS Management Console

Update from January 17, 2018: The techniques demonstrated in this blog post relate to traditional SAML federation for AWS. These techniques are still valid and useful. However, AWS Single Sign-On (AWS SSO) provides analogous capabilities by way of a managed service. If you are just getting started with federating access to your AWS accounts, we recommend […]

Read More

Enabling Federation to AWS Using Windows Active Directory, ADFS, and SAML 2.0

Update from January 17, 2018: The techniques demonstrated in this blog post relate to traditional SAML federation for AWS. These techniques are still valid and useful. However, AWS Single Sign-On (AWS SSO) provides analogous capabilities by way of a managed service. If you are just getting started with federating access to your AWS accounts, we recommend […]

Read More

Enable Single Sign-On to the AWS Management Console via Shibboleth

<Repost from AWS Blog, here in its entirety> One of the most powerful features of AWS Identity and Access Management (IAM) is its ability to issue temporary security credentials and grant controlled access to people in a network without having to define individual identities for each user (i.e., identity federation). This enables customers to extend their existing authentication […]

Read More