External Identity Source is not an option when setting up AWS SSO

Question

Hello, I am trying to integrate AWS with Okta, and in all the documentation on both sides (AWS and Okta), it states that i must choose "External Identity Provider" as my identity source and then continue with setup.  The issue is that I only have 2 choices:  AWS SSO and Active Directory.  Does anyone have an idea here?  Do I need to choose AWS SSO first and then try to change it?  Any help would be greatly appreciated.  Thank you

Answer

Hello,        
         
I see that the problem you are facing is not being able to see the external identity provider when trying to integrate AWS with Okta. 
         
I think it might be because you do not have the permissions required to perform these actions. Make sure that you are signed in as an admin and that you have the necessary permissions to be able to make changes to the account.

After you have made sure that you are signed with a user that have the necessary permissions.    
       
There are a few steps you should follow to successfully integrate AWS with Okta.

•	Step 1: Create the Okta SAML application and connect it with AWS SSO for identification federation

•	Step 2: Create the Okta SCIM application which is the synchronization flow

•	Step 3: Create and map Okta groups to permission sets.

Here are some documentations that you can follow: 
       
https://aws.amazon.com/blogs/awsmarketplace/integrating-okta-with-aws-single-sign-on-in-aws-control-tower-environment/
 
https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/integrate-okta-with-aws-iam-identity-center-to-manage-users-roles-and-multi-account-access.html

External Identity Source is not an option when setting up AWS SSO

Conteúdo relevante