Very important to learn if you want to do anything significant with AWS within the ‘enterprise’.
AWS SSO > Azure AD login > AWS SSO account screen > role via permission set for various privileges into each account where access is needed > RBAC / ABAC applied.
While researching this the other day, I found this Reddit post, which I thought was interesting.
Hi all and sorry if this has already been asked, but right now my head is getting numb from all the things tried at the moment.
- AWS Organization with several accounts
- added extra AWS account for users and enabled Azure SSO (not the single account SSO)
- created several groups in AAD, assigned users, SCIM provisioning works fine
Anyone else doing anything significant with Azure AD and AWS which ultimately ends up with ABAC being applied?
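An added example, not from the original post or the quoted Reddit thread: an inline policy for a permission set at the ABAC end of the chain above. It assumes a hypothetical `Team` attribute passed from Azure AD through AWS SSO attributes for access control, and a matching `Team` tag on EC2 instances; the tag key, the `Sid` names and the EC2 actions are illustrative choices.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleStartStopWhenTeamTagMatches",
      "Effect": "Allow",
      "Action": [
        "ec2:StartInstances",
        "ec2:StopInstances"
      ],
      "Resource": "arn:aws:ec2:*:*:instance/*",
      "Condition": {
        "StringEquals": {
          "aws:ResourceTag/Team": "${aws:PrincipalTag/Team}"
        }
      }
    },
    {
      "Sid": "ExampleDenyChangingTheTeamTag",
      "Effect": "Deny",
      "Action": [
        "ec2:CreateTags",
        "ec2:DeleteTags"
      ],
      "Resource": "arn:aws:ec2:*:*:instance/*",
      "Condition": {
        "ForAnyValue:StringEquals": {
          "aws:TagKeys": ["Team"]
        }
      }
    }
  ]
}
```

The Deny statement stops a user from re-tagging an instance to move it into their own team, which would otherwise defeat the tag match. One permission set carrying this policy can then serve every team, with access decided by the attribute rather than by a role per team.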