AWS SSO/IdC User Access Portal Timeouts

0

Hello,

Is there a way to change the session duration of the AWS SSO/Identity Center user access portal itself (i.e. the page at companyname.awsapps.com/start)? That portal seems to have an 8 hour session duration, but our organization prefers a much shorter duration. We're using Active Directory as our identity source.

We've been able to configure the session duration of applications displayed in the portal to be shorter, which works as expected, but we need the portal itself to have a shorter session duration.

Asked 1 year ago, viewed 750 times
5 Answers
1

Unfortunately, this doesn't address our needs or use case. We're not using the User Portal to provide users access to the AWS management console. We use the user portal to provide users access to SAML federated applications.

We have the timeout of those applications set to one hour. However, if a user's session with that application times out, they just go back to the AWS user portal, click the icon of that app, and are immediately back in. We need the session to the AWS user portal to time out after one hour as well, forcing them to sign back in to AWS SSO/IdC before they can re-access one of these SAML-provided applications.

Answered 1 year ago
1

That's for session manager within SSM, not for the user portal of AWS SSO. Doesn't seem like this is a possibility. We'll switch to another IdP instead of AWS SSO, then.

Answered 1 year ago
0

Hello,

AWS Single Sign-On (SSO) enables you to customize the session duration to AWS accounts ranging from 1 hour up to 12 hours. You can configure session duration for each permission set so that you can optimize how long your users can access AWS Management Console and AWS CLI for your AWS accounts. For example, when your users need to run long-running operations, you can increase the session duration so that your users can complete the operation using a single session. To learn more about configuring session duration, see Set Session Duration.

Link- https://docs.aws.amazon.com/singlesignon/latest/userguide/howtosessionduration.html

Hope this helps you with the question!

AWS
Support Engineer
Answered 1 year ago
0

I checked your use case again, and I believe that in that case you need to configure the session lifecycle on the Azure AD side (see: https://docs.microsoft.com/en-us/graph/api/resources/tokenlifetimepolicy?view=graph-rest-1.0). The lifetime of the session sets the maximum time a user can use the Amazon SSO web portal without re-authenticating to the external IDP.

Check out the link pasted above for additional details.

AWS
Support Engineer
Answered 1 year ago
0

Hi, I am a Software Dev Engineer working on the AWS Identity Center team. The feature being requested, to configure the session duration for the access portal, is currently supported only for the IdentityCenter and ExternalIdp identity sources. More information here: https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html

Unfortunately, this feature is currently not supported for AD Identity source: https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-app-session.html

AWS
Answered 1 year ago
