AWS Security Blog
Tag: SSO
How to Connect Your On-Premises Active Directory to AWS Using AD Connector
August 17, 2023: We updated the instructions and screenshots in this post to align with changes to the AWS Management Console. April 25, 2023: We’ve updated this blog post to include more security learning resources. AD Connector is designed to give you an easy way to establish a trusted relationship between your Active Directory and […]
How to revoke federated users’ active AWS sessions
February 6, 2023: Updates added to explain an additional detail regarding the sourceIdentity field. In addition to using the sourceIdentity field to reference the user through various roles they have assumed, you may also construct your IAM trust policies to enforce acceptable sourceIdentity values or ensure any value for sourceIdentity is set. When you use […]
Enable Your Federated Users to Work in the AWS Management Console for up to 12 Hours
AWS Identity and Access Management (IAM) supports identity federation, which enables external identities, such as users in your corporate directory, to sign in to the AWS Management Console via single sign-on (SSO). Now with a small configuration change, your AWS administrators can allow your federated users to work in the AWS Management Console for up […]
How to Set Up Federated Single Sign-On to AWS Using Google Apps
March 10, 2020: This blog post is out of date. Please refer to this post for updated info: How to set up federated single sign-on to AWS using Google Workspace The AWS Security Blog has covered a variety of solutions for federating single sign-on (SSO) to the AWS Management Console. For example, How to Connect […]
Announcing Managed Microsoft Active Directory in the AWS Cloud
AWS Directory Service now offers an additional directory type. Now you can launch and run a Microsoft Active Directory (AD) as a managed service in the AWS cloud. AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also referred to as Microsoft AD, is powered by Windows Server 2012 R2. When you select and launch […]
New Whitepaper—Single Sign-On: Integrating AWS, OpenLDAP, and Shibboleth
October 15, 2021:We updated a link in this blog post. The newly released whitepaper, Single Sign-On: Integrating AWS, OpenLDAP, and Shibboleth, will help you integrate your existing LDAP-based user directory with AWS. When you integrate your existing directory with AWS, your users can access AWS by using their existing credentials. This means that your users […]
Easier Role Selection for SAML-Based Single Sign-On
At the end of 2013, we introduced single sign-on to the AWS Management Console using the Security Assertion Markup Language (SAML) 2.0. This enables you to use your organization’s existing identity system to sign in to the console without having to provide AWS credentials. Today we’re happy to announce that, in response to your feedback, […]
Enable Single Sign-On to the AWS Management Console via Shibboleth
<Repost from AWS Blog, here in its entirety> One of the most powerful features of AWS Identity and Access Management (IAM) is its ability to issue temporary security credentials and grant controlled access to people in a network without having to define individual identities for each user (i.e., identity federation). This enables customers to extend their existing authentication […]
Jeff Barr Talks with Symplified About Identity Federation and SSO
Jeff Barr, AWS’s chief evangelist, recently did an AWS Report interview with Symplified’s CTO and co-founder Darren Plat covering identity federation and single sign-on to cloud-based apps. The interview goes into depth about the need for identity federation services in the cloud and how Symplified implemented their offering for AWS services. You can watch the […]