Single Sign On (SSO)

  • Single Sign-On is a cloud-based single sign-on (SSO) service that makes it easy to centrally manage SSO access to all of your AWS accounts and cloud applications.

  • Specifically, it helps you manage SSO access and user permissions across all your AWS accounts in Organizations.

  • SSO also helps you manage access and permissions to commonly used third-party software as a service (SaaS) applications, SSO-integrated applications, and custom applications that support Security Assertion Markup Language (SAML) 2.0.

  • SSO is integrated with Microsoft AD through the AWS Directory Service.

  • SSO is a much better option than AssumeRoleWithSAML because it can scale and it doesn't require you to set up a third-party identity provider (IdP).
