25.288: IAM Identity Center
Features
One login (SSO) for all your:
AWS accounts in AWS Organizations
Business cloud apps
SAML 2.0-enabled apps
EC2 Windows Instances
Identity providers
Built-in identity store in IAM Identity Center
3rd party: Active Directory, OneLogin, Okta...
Fine-grained Permissions and Assignments
Multi-account permissions
Manage access across AWS accounts in your AWS Organization
Permission Sets: a collection of one or more IAM policies assigned to users and groups to define AWS access
App assignments
SSO access to many SAML 2.0 business apps
Provide required URLs, certificates and metadata
Attribute Based Access Control (ABAC)
Fine-grained permissions based on users' attributes stored in the IAM Identity Center identity store
Ex: cost center, title, locale...
Use case: define permissions once, then modify AWS access by changing the attributes