En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Migrate IAM Users to AWS SSO

1

Hello everyone, Is there a way to migrate IAM Users to AWS SSO? So, I don't have to re-enter the users again. I know I can list my users with the following command: aws organizations list-accounts

Cheers Edu

Sujets
Sécurité, identité et conformité
Balises
Centre d’identité IAM AWS
Langue
English
rePost-User-2053300
demandé il y a 2 ans2792 vues
1 réponse
1

It's not an easy task, you need to have a plan because it not just involves copy-and-paste the username, but also the permission configuration in your account (Otherwise, you'll just create a bunch of users without any permission).

  1. First, you need to gather the list of IAM users, and categorise them into groups according to their permission level.
  2. For every permission level, you need to create a permission set
  3. Create SSO users (Note that the information required is more than IAM users, you'll need the users' email address. So you can't simply copying the IAM username here)
  4. Create group and add the SSO users into them by the permission category you defined earlier
  5. Assign permission sets to different groups

Migrating to AWS SSO is not just a technical task but also an opportunity to review the access management of your organisation.

RichardFan
répondu il y a 2 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents