Single Sign-On (SSO)¶
Overview¶
AWS Single Sign-On (SSO) is a cloud-based service that simplifies user access management across multiple AWS accounts and business applications, enabling centralized access control and authentication.
Key Features¶
- Centralized access management
- Single login for multiple AWS accounts
- Integration with corporate directories
- Simplified user provisioning and deprovisioning
- Role-based access control
Authentication Methods¶
- Active Directory integration
- SAML 2.0 identity providers
- AWS Organizations support
- Multi-factor authentication
- Custom identity source
Access Management Capabilities¶
- Manage user permissions
- Assign application access
- Control account-level access
- Automated user provisioning
- Granular permission settings
Supported Integrations¶
- Microsoft Active Directory
- Okta
- Azure AD
- Google Workspace
- SAML-compatible identity providers
Use Cases¶
- Enterprise access management
- Simplified cloud account administration
- Secure application access
- Centralized identity governance
- Multi-account AWS environment management
Security Benefits¶
- Reduced credential management overhead
- Centralized access policy enforcement
- Enhanced authentication security
- Simplified compliance management
- Consistent access controls