Identity Providers (IdPs)
Federated access in AWS allows users to access AWS resources using existing credentials from an external IdP, such as a corporate directory. This eliminates the need to create a separate IAM user (and long-lived access keys) for each identity: federated users receive short-lived credentials from AWS STS instead, which both streamlines login and shrinks the pool of static secrets an attacker could steal.
Configuring federated access in AWS involves establishing trust between AWS and the external identity provider, using IAM roles and Security Assertion Markup Language (SAML) 2.0. The IAM role's trust policy names the SAML provider as its principal and allows the sts:AssumeRoleWithSAML action, so a user authenticated by the external IdP can assume that role and access AWS resources in accordance with the permissions attached to it. The IdP signs the SAML assertion, AWS verifies the signature against the certificate in the provider's metadata, and only then issues the temporary credentials.
First, you set up an external IdP, such as Active Directory Federation Services (AD FS), Google Workspace, or any other service that supports SAML 2.0. This IdP handles user logins and manages their identities outside of AWS. Next, in the AWS Management Console, you create an IAM identity provider that connects to this external IdP. You’ll need to provide some...
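The two artifacts the procedure above produces are the IdP's SAML metadata document (uploaded when the IAM identity provider is created) and the role's trust policy. The following is an added example, not code from the original page or from AWS: it extracts the entityID, signing certificate and SSO endpoint from a constructed metadata document, builds the trust policy for a SAML-federated role, and audits a trust policy for the check a practitioner wants, namely that the Federated principal is the expected provider ARN and that the SAML:aud condition pins the assertion audience to the AWS sign-in endpoint. The account ID 123456789012, the provider name CorpIdP and the metadata XML are assumptions; no AWS API is called.

```python
"""Added example (not from the original page): parse SAML IdP metadata and
build/audit the IAM role trust policy used for SAML 2.0 federation.
Account ID, provider name and the metadata XML are constructed; nothing here
talks to AWS."""
import json
import xml.etree.ElementTree as ET

SAML_MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"
# Audience value AWS expects in the assertion for console/API federation.
AWS_SAML_AUDIENCE = "https://signin.aws.amazon.com/saml"

# Constructed, minimal IdP metadata. A real document carries a full base64
# certificate; the placeholder below is only for illustration.
SAMPLE_METADATA = f"""<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="{SAML_MD_NS}" xmlns:ds="{DSIG_NS}"
    entityID="https://idp.example.com/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIC...EXAMPLE...</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://idp.example.com/saml/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def parse_idp_metadata(xml_text: str) -> dict:
    """Return entityID, signing certificates and SSO endpoints from IdP metadata."""
    root = ET.fromstring(xml_text)
    ns = {"md": SAML_MD_NS, "ds": DSIG_NS}
    certs = []
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", ns):
        # A KeyDescriptor without a 'use' attribute is valid for both signing and encryption.
        if kd.get("use") in (None, "signing"):
            certs += [c.text.strip() for c in kd.findall(".//ds:X509Certificate", ns)]
    sso = [s.get("Location") for s in root.findall("md:IDPSSODescriptor/md:SingleSignOnService", ns)]
    return {"entity_id": root.get("entityID"), "signing_certs": certs, "sso_urls": sso}


def saml_provider_arn(account_id: str, provider_name: str) -> str:
    return f"arn:aws:iam::{account_id}:saml-provider/{provider_name}"


def build_trust_policy(account_id: str, provider_name: str, audience: str = AWS_SAML_AUDIENCE) -> dict:
    """Trust policy allowing the named SAML provider to assume the role."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": saml_provider_arn(account_id, provider_name)},
            "Action": "sts:AssumeRoleWithSAML",
            # Restricts the role to assertions whose audience is the AWS sign-in endpoint.
            "Condition": {"StringEquals": {"SAML:aud": audience}},
        }],
    }


def audit_trust_policy(policy: dict, expected_provider_arn: str) -> list:
    """Findings for a SAML role trust policy; an empty list means it passes."""
    findings = []
    for i, st in enumerate(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if "sts:AssumeRoleWithSAML" not in actions:
            continue
        fed = st.get("Principal", {}).get("Federated")
        if fed != expected_provider_arn:
            findings.append(f"statement {i}: Federated principal {fed!r} is not the expected provider")
        aud = st.get("Condition", {}).get("StringEquals", {}).get("SAML:aud")
        aud = [aud] if isinstance(aud, str) else (aud or [])
        if aud != [AWS_SAML_AUDIENCE]:
            findings.append(f"statement {i}: missing or wrong SAML:aud condition (got {aud!r})")
    return findings


if __name__ == "__main__":
    account, provider = "123456789012", "CorpIdP"   # assumed values
    print("IdP metadata:", parse_idp_metadata(SAMPLE_METADATA))
    good = build_trust_policy(account, provider)
    weak = build_trust_policy(account, provider)
    del weak["Statement"][0]["Condition"]            # the weakening to catch
    for label, pol in (("hardened", good), ("weak", weak)):
        print(label, "->", audit_trust_policy(pol, saml_provider_arn(account, provider)) or "OK")
    # The trust document is what you pass to the real CLI, e.g.:
    #   aws iam create-saml-provider --name CorpIdP --saml-metadata-document file://metadata.xml
    #   aws iam create-role --role-name FederatedAdmins --assume-role-policy-document file://trust.json
    print(json.dumps(good, indent=2))
```

The audit deliberately flags the absence of the SAML:aud condition as well as a wrong value: a role whose trust policy only names the Federated principal accepts any assertion that provider signs, regardless of the audience it was issued for.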