AWS IAM Identity Center (formerly AWS SSO)
AWS IAM Identity Center is the recommended way to manage identities on AWS. It provides a centralized place to create or connect your workforce identities and manage their access across multiple AWS accounts and applications.
Key Features
- Single Sign-On (SSO): Users sign in once to access all assigned AWS accounts and applications.
- Multi-Account Access: Centrally manage access to all accounts in your AWS Organization.
- Integration: Integrates with external identity providers such as Microsoft Active Directory and Okta.
- User Portal: A web portal where users see all their assigned roles and apps.
Exam Tips
- "Single Sign-On": Answer is IAM Identity Center.
- "Manage access across AWS Organization": Answer is IAM Identity Center.
- "Connect to Active Directory": IAM Identity Center supports this.
- "Formerly AWS SSO": Be aware of the name change.
Common Use Cases
- Workforce Identity: Managing employee access to AWS resources.
- Multi-Account Strategy: Giving developers access to Dev/Test/Prod accounts with a single set of credentials.
- SAML Integration: Using existing corporate credentials (e.g., AD) to log in to AWS.