1 Answer
0
If you are using Active Directory as a choice of user directory and using Okta as an IdP, you don't need to leverage the AWS SSO service. The example you referenced in that link is when you want to pull users from Okta Universal Directory or Azure AD. In your case, you have your users stored in AD. What you can do is follow the second option in the link of using AWS IAM to manage federated fine-grained access to AWS accounts. You can use Okta as an IdP to do an IdP-initiated SSO (SAML). When users sign into your AD through Okta, you can access the AWS console by assuming an IAM role. This will not create persistent IAM users in AWS. There is documentation from Okta to do the setup.
Answered 2 years ago
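The IAM side of the SAML federation described in the answer above comes down to the role's trust policy. The following is an added example, not part of the original answer or of Okta's or AWS's documentation: it builds such a trust policy and checks an existing one for the two restrictions that matter. The account ID `111122223333`, the provider name `Okta`, and the helper names `saml_trust_policy` and `audit_trust_policy` are constructed for illustration.

```python
import json

# Audience value AWS expects in SAML assertions used for console sign-in.
AWS_SAML_AUD = "https://signin.aws.amazon.com/saml"

def saml_trust_policy(account_id, provider_name):
    """Trust policy letting users federated through one IAM SAML provider assume the role."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": f"arn:aws:iam::{account_id}:saml-provider/{provider_name}"},
            "Action": "sts:AssumeRoleWithSAML",
            "Condition": {"StringEquals": {"SAML:aud": AWS_SAML_AUD}},
        }],
    }

def audit_trust_policy(policy):
    """Return findings for Allow statements that grant sts:AssumeRoleWithSAML (hypothetical helper)."""
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):          # a single statement may be a bare object
        statements = [statements]
    for i, st in enumerate(statements):
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if st.get("Effect") != "Allow" or "sts:AssumeRoleWithSAML" not in actions:
            continue
        principal = st.get("Principal")
        fed = principal.get("Federated") if isinstance(principal, dict) else None
        feds = [fed] if isinstance(fed, str) else (fed or [])
        if not feds or any(":saml-provider/" not in f for f in feds):
            findings.append(f"statement {i}: principal is not limited to a SAML provider ARN")
        aud = st.get("Condition", {}).get("StringEquals", {}).get("SAML:aud")
        if aud != AWS_SAML_AUD:
            findings.append(f"statement {i}: missing SAML:aud == {AWS_SAML_AUD}")
    return findings

if __name__ == "__main__":
    good = saml_trust_policy("111122223333", "Okta")   # constructed placeholder values
    print(json.dumps(good, indent=2))
    print(audit_trust_policy(good))
```
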