Amazon Web Services (AWS) Connector
___________________________________________________________________________________________________________________________________
IMPORTANT: You must purchase Cloud Access Management to enable Cloud Governance features. Contact your SailPoint CSM to request access.
___________________________________________________________________________________________________________________________________
Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. The SailPoint Amazon Web Services (AWS) Connector can be used to manage all the AWS Accounts in your organization or a subset of AWS Accounts. IdentityIQ for Amazon Web Services manages the AWS Organizations entities such as Service Control Policies, Organization Units and AWS Accounts. It also manages the IAM (Identity Access Management) entities such as Users, Groups, Roles, Inline policies, Managed policies (AWS and Customer managed) under each AWS Account.
Support Level: SailPoint Delivered
Connectors developed by SailPoint's Engineering team and supported under annual SailPoint support and maintenance. Reach out to SailPoint support for assistance.
Supported Use Cases
- Full Account Aggregation
- Single Account Aggregation
- Full Entitlement Aggregation
- Full Group Aggregation
- Single Group Aggregation
- Create Account Provisioning
- Update Account Provisioning
- Delete Account Provisioning
- Create Group Provisioning*
- Update Group Provisioning*
- Delete Group Provisioning*
- Enable / Disable Account Provisioning
- Unlock Account Provisioning
- Change Account Password
- Add Entitlement(s)
- Remove Entitlement(s)
*This feature is currently supported only with the IdentityIQ platform
Supported Versions
- Amazon Web Services
Related Documentation
Contact Us
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Does IdentityIQ AWS connector support add Tags to AWS IAM User Account profile part of account provisioning process?
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Does IdentityIQ AWS connector also manage AWS Single Sign-On (SSO)?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
I was wondering the same, does the IdentityIQ AWS connector also manage AWS Single Sign-On (SSO)?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
@vonschwc The IdentityIQ AWS connector is specifically designed to integrate with and manage access to AWS resources, such as IAM users, groups, and roles. You can try to use Web-service or SCIM connector for AWS SSO.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Currently this connector does not support federated Active Directory Security Group/Role to connect to AWS IAM Accounts, I believe the product manager mentioned this should be implemented in 8.3p1.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
I have configured IdentityNow using the Amazon Web Services (AWS) Connector and am now able to report on IAM Users. However I also have some AWS SSO users and am not able to report on these SSO users. Does the Amazon Web Services (AWS) Connector also manage AWS Single Sign-On (AWS SSO) users?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
AWS has released a new API recently. Should we use the generic Webservice connector for that?
Announcing new AWS IAM Identity Center (successor to AWS SSO) APIs to manage users and groups at sca...
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
is there a SailPoint integration with AWS IAM Identity Center (Successor to AWS Single Sign-On)?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
is there a SailPoint integration with AWS IAM Identity Center (Successor to AWS Single Sign-On)?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Does Sailpoint now support the AWS IAM identity Center now?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Where can I get details on creating a custom connector in order to integrate with AWS IAM identity Center ?
Are there any plans to offer this integration out of the box as part of the IdentityIQ product ?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
is there any update from SailPoint on integration with AWS IAM Identity Center ?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Do you guys have a demo on what IdentityIQ --> AWS connector can do? A video would be enough
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
I am interested in same topic - could someone from SailPoint respond to the question about an IIQ integration to AWS IAM Identity Center?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
@kcarrosino there is no connector right. But I encourage you and every one who wants this connector to be included in IIQ to check the in discovery topic about this: https://developer.sailpoint.com/discuss/t/in-discovery-iiq-aws-connector-support-for-aws-iam-identit...
Else you will need to create a custom connector to do it thanks to AWS SDK.