AWS SSO + Azure AD, no way to access AWS Console?

I am trying to access the AWS Console via AWS SSO with Azure AD as my identity provider. Following this Microsoft tutorial: https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/aws-single-sign-on-tutorial, I was able to successfully set up SSO and automatic provisioning. To initiate sign in I use the My App browser extension. I can authenticate but I am brought to the User Portal and I have no applications. What am I missing? How do I access the AWS Console using this method?

Microsoft has another Enterprise Application call AWS Single-Account Access. If I set this up, I can access the Console: https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/amazon-web-service-tutorial but I don't think that's what I want. Any help would be much appreciated. Thanks

주제

보안, 신원 및 규정 준수 관리 및 거버넌스

태그

보안, 신원 및 규정 준수 AWS 자격 증명 및 액세스 관리 AWS 디렉터리 서비스 AWS 관리 콘솔 AWS 명령줄 인터페이스

언어

English

AWS-User-1435086

질문됨 2년 전1169회 조회

1개 답변

최신
최다 투표
가장 많은 댓글

수락된 답변

You are missing granting your AWS SSO users/groups access to the accounts. Assign User Access

Michael_K

답변함 2년 전

Ciaran Carragher
2년 전
What Michael said. You have configured a federated link from AAD to AWS SSO, but now you need to log into the Root Account of your AWS Org (where AWS SSO is configured) and assign users access to AWS accounts. This is done through the assignment of Permission Sets to users/groups and AWS accounts. Think of Permission Sets as JSON templates with which IAM Roles are created in the targetted AWS account(s).
AWS-User-1435086
2년 전
That was it, thanks!

AWS SSO + Azure AD, no way to access AWS Console?

관련 콘텐츠