1 Answer
If you are using Active Directory as your choice of user directory and using Okta as an IdP, you don't need to leverage the AWS SSO service. The example you referenced in that link is for when you want to pull users from Okta Universal Directory or Azure AD. In your case, you have your users stored in AD. What you can do is follow the second option in the link, using AWS IAM to manage federated fine-grained access to AWS accounts. You can use Okta as an IdP to do an IdP-initiated SSO (SAML). When users sign in to your AD through Okta, you can access the AWS console by assuming an IAM role. This will not create persistent IAM users in AWS. There is documentation from Okta to do the setup.
answered 2 years ago
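With the IAM federation approach the answer describes, the role's trust policy is what decides which SAML IdP may hand out sessions. The following is an added example, not part of the answer or of AWS or Okta documentation: a small check that a trust policy names exactly one SAML provider and pins `SAML:aud` to the AWS sign-in endpoint. The account ID, provider name and function names are placeholders chosen for illustration.

```python
AWS_SAML_AUD = "https://signin.aws.amazon.com/saml"
# Placeholder account ID and provider name (constructed, not from the post).
PROVIDER = "arn:aws:iam::111122223333:saml-provider/Okta"

def _stmt(principal, condition=None):
    """Build a constructed trust-policy statement for the samples below."""
    s = {"Effect": "Allow", "Principal": principal,
         "Action": "sts:AssumeRoleWithSAML"}
    if condition:
        s["Condition"] = condition
    return s

# Constructed sample trust policies.
GOOD = {"Version": "2012-10-17", "Statement": [
    _stmt({"Federated": PROVIDER}, {"StringEquals": {"SAML:aud": AWS_SAML_AUD}})]}
NO_AUD = {"Version": "2012-10-17", "Statement": [_stmt({"Federated": PROVIDER})]}
WILDCARD = {"Version": "2012-10-17", "Statement": [
    _stmt("*", {"StringEquals": {"SAML:aud": AWS_SAML_AUD}})]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_saml_trust(policy, expected_provider_arn):
    """Return findings for a role trust policy meant for SAML federation."""
    findings, seen = [], False
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithSAML" not in _as_list(stmt.get("Action", [])):
            continue
        seen = True
        principal = stmt.get("Principal")
        federated = principal.get("Federated") if isinstance(principal, dict) else None
        if federated is None or _as_list(federated) != [expected_provider_arn]:
            findings.append("principal is not exactly the expected SAML provider")
        aud = stmt.get("Condition", {}).get("StringEquals", {}).get("SAML:aud")
        if aud is None or _as_list(aud) != [AWS_SAML_AUD]:
            findings.append("SAML:aud is not pinned to the AWS sign-in endpoint")
    if not seen:
        findings.append("no Allow statement for sts:AssumeRoleWithSAML")
    return findings

if __name__ == "__main__":
    for name, pol in [("GOOD", GOOD), ("NO_AUD", NO_AUD), ("WILDCARD", WILDCARD)]:
        print(name, audit_saml_trust(pol, PROVIDER) or "ok")
```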