1 Answer
I think that the key here is that you're using a private zone in Route 53 - SSO requires that the identity provider be public and that means being publicly resolvable and having a publicly accessible endpoint.
As far as different accounts go: Most networking components in AWS are account-agnostic once connectivity is established between them. For private networks that means things like VPC Peering, Transit Gateway and other mechanisms. For publicly accessible services accounts don't matter at all.