Nitesh shows you how to
enable SSO to the AWS console
using AWS Directory Service


I want to allow AWS Directory Service members to access AWS resources through the AWS Management Console. How can I do that?

By default, AWS Directory Service users don't have access to AWS resources. To give users access to the AWS Management Console, follow these steps:

  1. Open the IAM console and create an IAM role that allows access to the AWS services that you want directory members to use in the AWS Management Console.
    Note: Be sure that the IAM role has a trust relationship with AWS Directory Service.
  2. Create an access URL for your directory.
  3. Enable AWS Management Console access.
  4. Assign directory users or groups to the IAM role.

To verify that users can access the AWS Management Console, open the access URL and sign in with a user account assigned to the IAM role. After signing in, check the AWS service consoles to confirm that you are permitted or denied access to services as specified in the IAM role.

Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2018-05-16