What happens to existing AWS IAM users when I enable IAM Identity Center?

0

I want to enable IAM Identity Center and configure an external IdP for an existing AWS account. This AWS account already has users, created with IAM. What happens to these users?

I'm especially worried about users used by my application to, for example, access S3 buckets. They have no password but only an access key and secret. Will these users' keys work after the configuration of the external IdP?

Thanks

2 Answers
2

Hi There

Nothing will happen to the existing IAM users and access keys when you deploy IAM Identity Center and federate with an external IdP. They can co-exist.

See https://repost.aws/questions/QUfNomVCt5TCiac7oQoT8n0A/can-i-keep-existing-iam-users-and-add-sso-to-our-accounts

AWS
EXPERT
Matt-B
answered a year ago
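
An added example, not part of the original question or answers: one way to list which IAM users are access-key-only (like the application users in the question) and which have a console password, using the IAM credential report. The CSV rows are constructed sample data trimmed to the columns used, and `classify_users` is a hypothetical helper name.

```python
import csv
import io

# Constructed sample in the IAM credential report CSV layout, trimmed to the
# columns used here. A real report comes from `aws iam generate-credential-report`
# followed by `aws iam get-credential-report` (base64-encoded CSV in "Content").
SAMPLE_REPORT = """\
user,arn,password_enabled,mfa_active,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
alice,arn:aws:iam::111122223333:user/alice,true,true,false,N/A,false,N/A
bob,arn:aws:iam::111122223333:user/bob,true,false,true,2024-01-10T09:12:00+00:00,false,N/A
s3-uploader,arn:aws:iam::111122223333:user/s3-uploader,false,false,true,2024-02-01T03:00:00+00:00,false,N/A
old-batch,arn:aws:iam::111122223333:user/old-batch,false,false,true,N/A,true,N/A
"""


def classify_users(report_csv):
    """Group IAM users by credential type; also list active keys never used."""
    groups = {"programmatic_only": [], "console_only": [],
              "console_and_keys": [], "no_credentials": []}
    never_used = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        if row["arn"].endswith(":root"):
            continue  # the report's root account row is not an IAM user
        has_password = row["password_enabled"] == "true"
        active_keys = [n for n in ("1", "2")
                       if row[f"access_key_{n}_active"] == "true"]
        for n in active_keys:
            if row[f"access_key_{n}_last_used_date"] == "N/A":
                never_used.append((user, n))  # candidate for cleanup review
        if active_keys and has_password:
            groups["console_and_keys"].append(user)
        elif active_keys:
            groups["programmatic_only"].append(user)
        elif has_password:
            groups["console_only"].append(user)
        else:
            groups["no_credentials"].append(user)
    return groups, never_used


if __name__ == "__main__":
    groups, never_used = classify_users(SAMPLE_REPORT)
    for name, users in groups.items():
        print(f"{name}: {', '.join(users) or '-'}")
    for user, key in never_used:
        print(f"active but never used: {user} access_key_{key}")
```
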
1

Hi Matt, thank you for the answer. So my application will still work even after the IdP configuration, great.

But in the Review and confirm step of the configuration, I saw this point:

IAM Identity Center preserves your current users and groups, and their assignments. However, only users who have usernames that match the usernames in your identity provider (IdP) can authenticate.

Does this affect only users with a password?

Thank you

Gigitsu
answered a year ago
