Tuesday, November 12, 2013

AWS Identity and Access Management Using SAML


Over the years, we’ve had a number of blog posts that described how AWS Identity and Access Management (IAM) enables identity federation. (For those who'd like some background, see previous posts on identity federation with IAM, single sign-on (SSO) to the AWS Management Console, and web identity federation.) These prior solutions worked for many customers, but some of you wanted SAML (Security Assertion Markup Language) support so that you could leverage your existing investment in SAML-based identity management software.

Today, we’re excited to announce we’ve expanded our identity federation to include support for SAML 2.0, an open industry standard used by many identity providers. This new feature enables federated SSO, empowering users to sign in to the AWS Management Console or make programmatic calls to AWS APIs by using assertions from a SAML-compliant identity provider (IdP).

Identity federation makes it easier for you to manage your users by enabling you to maintain your identities within your existing directory. SAML-based federation makes it simple for you to configure federation with AWS because you can use any IdP software that supports SAML (e.g., Windows Active Directory Federation Services or Shibboleth). Using federation, if a user leaves your company, you can simply delete the user's corporate identity in one place, which then also revokes access to AWS. Your users also benefit because they only need to remember one username and password. Have I got your attention yet?


All Tech News IN © 2011 DheTemplate.com & Main Blogger .