By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Multiple Organizations & IAM Identity Center SSO

0

Hi,

I have multiple organizations in my account hierarchy. We're using multiple organizations as each needs to be billed separately (different countries). Is it possible to have a single instance of IAM Identity Center to enable SSO across multiple organizations?

Note: Multiple organizations is a suggested approach per AWS documentation - https://d0.awsstatic.com/aws-answers/AWS_Multi_Account_Billing_Strategy.pdf

Topics
Management & GovernanceSecurity, Identity, & Compliance
Tags
AWS OrganizationsAWS IAM Identity Center
Language
English
PeteMo
asked a year ago1495 views
2 Answers
2

No, Identity Center supports one AWS Organizations at a time. In your situation, if you want to keep separate Organization per customer, you will need to setup Identity Center in each Organization's management account. Each of these Identity Centers/Organizations can then point to the same IdP.

profile pictureAWS
EXPERT
kentrad
answered a year ago
0

I believe the document you referenced recommends that you use Organizational Units (OUs) within your AWS Organization. This is what we are doing and it allows us to generate bills for each OU as well as shows us total spending across the enterprise.

profile picture
Carlos del Castillo
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content