SSO on AWS in 5 Minutes

Gavin Lewis
Published in The Startup
5 min read · Jul 17, 2019

As with everything on AWS, there are multiple ways to achieve similar outcomes. Recently I wrote an article about setting up SSO into your AWS accounts using SAML, specifically ADFS. Although most larger or established companies use Active Directory for authentication, smaller companies or startups may choose not to, so they don’t have to worry about yet another tool or system to manage. So what options are there if you still want a centralized login system? One of those options is AWS SSO, which also happens to be a free service.

Getting Set Up

Before you get started, note down AWS SSO’s prerequisites, as these are important. All of the following steps will also need to be performed in the organization’s master account.

In the AWS Console, search for and open the SSO service; you should see the option to Enable AWS SSO. Similar to implementing SAML on AWS, AWS SSO uses the Security Token Service (STS) to provide access to each account. As part of the setup process, a number of IAM roles will be created in each member account to allow SSO authentication to occur.
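
A check on the roles this step creates, added here as an example and not code from the article: it flags SSO-provisioned roles whose trust policy admits anything other than SAML federation from the same account. The reserved IAM path, the role names and the sample policies are assumptions or constructed data, not taken from the article.

```python
# Assumptions (not from the article): SSO-provisioned roles sit under SSO_PATH and
# trust only a SAML provider in their own account. Sample roles are constructed.
SSO_PATH = "/aws-reserved/sso.amazonaws.com/"
ALLOWED_ACTIONS = {"sts:AssumeRoleWithSAML", "sts:TagSession"}


def as_list(value):
    return value if isinstance(value, list) else [value]


def audit_sso_roles(roles, account_id):
    """Return (role name, problem) pairs for SSO roles with an over-broad trust policy."""
    saml_prefix = f"arn:aws:iam::{account_id}:saml-provider/"
    findings = []
    for role in roles:
        if not role["Path"].startswith(SSO_PATH):
            continue  # not created by AWS SSO
        for stmt in as_list(role["AssumeRolePolicyDocument"]["Statement"]):
            if stmt.get("Effect") != "Allow":
                continue
            principal = stmt.get("Principal")
            if not isinstance(principal, dict) or set(principal) != {"Federated"}:
                findings.append((role["RoleName"], "principal is not SAML federation"))
                continue
            if not all(a.startswith(saml_prefix) for a in as_list(principal["Federated"])):
                findings.append((role["RoleName"], "SAML provider outside this account"))
            if set(as_list(stmt.get("Action", []))) - ALLOWED_ACTIONS:
                findings.append((role["RoleName"], "unexpected STS action"))
    return findings


def trust(*statements):
    return {"Version": "2012-10-17", "Statement": list(statements)}


SAML_OK = {"Effect": "Allow", "Action": ["sts:AssumeRoleWithSAML", "sts:TagSession"],
           "Principal": {"Federated": "arn:aws:iam::111111111111:saml-provider/EXAMPLE"}}
CROSS_ACCOUNT = {"Effect": "Allow", "Action": "sts:AssumeRole",
                 "Principal": {"AWS": "arn:aws:iam::222222222222:root"}}

# Constructed input in the shape of the "Roles" array from `aws iam list-roles`.
SAMPLE_ROLES = [
    {"RoleName": "AWSReservedSSO_ReadOnly_EXAMPLE", "Path": SSO_PATH,
     "AssumeRolePolicyDocument": trust(SAML_OK)},
    {"RoleName": "AWSReservedSSO_Admin_EXAMPLE", "Path": SSO_PATH,
     "AssumeRolePolicyDocument": trust(SAML_OK, CROSS_ACCOUNT)},
    {"RoleName": "app-deploy", "Path": "/", "AssumeRolePolicyDocument": trust(CROSS_ACCOUNT)},
]

if __name__ == "__main__":
    for name, problem in audit_sso_roles(SAMPLE_ROLES, "111111111111"):
        print(f"{name}: {problem}")
```

Run per member account against that account's own role listing; an empty result means every SSO role trusts only SAML federation from its own account.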

After SSO is enabled, we need to create a user (or users) who will be able to…
