Using Active Directory as an identity source for AWS IAM Identity Center | Amazon Web Services

In this demo, learn how to enable Microsoft Active Directory as an identity source in AWS IAM Identity Center.


ABOUT AWS
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. Millions of customers — including the fastest-growing startups, largest enterprises, and leading government agencies — are using AWS to lower costs, become more agile, and innovate faster.

#AWS #AmazonWebServices #CloudComputing
Comments

Great stuff! I've been getting very flustered with IAM vs IAM IC vs AWS managed AD, etc. Here's what I've gathered:
Pure standalone IAM is considered legacy. IAM IC (Identity Center) is the way to go. Then connecting it to an AWS managed AD will let you do LDAP and SSO with all your deployed tools. This AD solution also means you can deploy a helper EC2 AD instance for people who like AD. I don't like the idea of things like a pure AD connector though, because if you're using a deployed EC2 AD as the pure source, and that gets corrupted, your user info is hosed.

MezzoEnzis

Thank you for taking the time to share this with us. That's mostly reproducible, except for a few *crucial* gotchas that I wish were more stressed.
I wish that you insisted more on the prep work provisioning part.

1. The catchall group MUST be at the root level of AD, or the Add Users & Groups feature will NOT find it. I've tried different path separators and forms, but only root-level will work.

2. The groups that provisioned users belong to can't be of "Local" scope. They have to be at least "Global".

3. In my case, it's not until I assigned the AWS Account permission sets that the Groups appeared in the AWS sync panel. Before that, only users appeared.

4. There is still a gotcha that resolved itself overnight: initially, my synced users appeared with Status = Disabled. Overnight they switched to "Enabled".

fabienhaddadi
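A PowerShell check, added here as an example (it is not from the video or from the commenter), that lists AD groups failing the first two conditions the comment above reports: group not placed directly under the domain root, or group scope set to Domain Local. It assumes the ActiveDirectory RSAT module is available and that the groups you intend to sync follow an `aws-*` naming convention (that filter is an assumption; adjust it to your environment).

```powershell
# Added example: flag AD groups that would trip the provisioning gotchas
# reported above (not at the domain root; scope is DomainLocal).
# Assumes the ActiveDirectory module (RSAT) and a hypothetical 'aws-*' naming convention.
Import-Module ActiveDirectory

# DN of the domain itself, e.g. DC=corp,DC=example,DC=com
$domainDn = (Get-ADDomain).DistinguishedName

Get-ADGroup -Filter "Name -like 'aws-*'" -Properties GroupScope, DistinguishedName |
    ForEach-Object {
        # Parent container = the DN with its leading RDN removed
        # (split on the first comma that is not backslash-escaped).
        $parent = ($_.DistinguishedName -split '(?<!\\),', 2)[1]

        $issues = @()
        if ($parent -ne $domainDn) {
            $issues += "not at domain root (lives in $parent)"
        }
        if ($_.GroupScope -eq 'DomainLocal') {
            $issues += "scope is DomainLocal; needs at least Global"
        }

        # Emit one row per group that has at least one issue
        if ($issues.Count -gt 0) {
            [pscustomobject]@{
                Group  = $_.Name
                Scope  = $_.GroupScope
                Issues = ($issues -join '; ')
            }
        }
    } | Format-Table -AutoSize
```

An empty table means every matching group is already at the domain root with Global or Universal scope; re-run it after moving or re-scoping groups and before retrying the Add Users & Groups step.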