Amazon Web Services (AWS) Connector


___________________________________________________________________________________________________________________________________

IMPORTANT: You must purchase Cloud Access Management to access and use this connector to govern your cloud environments. Contact your SailPoint CSM to request access.

___________________________________________________________________________________________________________________________________

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. The SailPoint Amazon Web Services (AWS) Connector can be used to manage all the AWS Accounts in your organization or a subset of AWS Accounts. IdentityIQ for Amazon Web Services manages AWS Organizations entities such as Service Control Policies, Organizational Units and AWS Accounts. It also manages the IAM (Identity and Access Management) entities under each AWS Account, such as Users, Groups, Roles, Inline policies and Managed policies (AWS managed and Customer managed).

 

Support Level: SailPoint Delivered

Connectors developed by SailPoint's Engineering team and supported under annual SailPoint support and maintenance. Reach out to SailPoint support for assistance.

 

Supported Use Cases

  • Full Account Aggregation
  • Single Account Aggregation
  • Full Entitlement Aggregation
  • Full Group Aggregation
  • Single Group Aggregation
  • Create Account Provisioning
  • Update Account Provisioning
  • Delete Account Provisioning
  • Create Group Provisioning*
  • Update Group Provisioning*
  • Delete Group Provisioning*
  • Enable / Disable Account Provisioning
  • Unlock Account Provisioning
  • Change Account Password
  • Add Entitlement(s)
  • Remove Entitlement(s)

*This feature is currently supported only with the IdentityIQ platform.

Supported Versions

  • Amazon Web Services 

 

Related Documentation

IdentityNow

IdentityIQ

 

Contact Us

SailPoint Support

SailPoint Professional Services

Comments

Does the IdentityIQ AWS connector support adding Tags to the AWS IAM User Account profile as part of the account provisioning process?

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

 

 

Does the IdentityIQ AWS connector also manage AWS Single Sign-On (SSO)?

I was wondering the same, does the IdentityIQ AWS connector also manage AWS Single Sign-On (SSO)?

@vonschwc The AWS connector currently only manages AWS IAM and Organisation entities. You can try to use the Web-service or SCIM connector for AWS SSO.

Currently this connector does not support federated Active Directory Security Group/Role to connect to AWS IAM Accounts. I believe the product manager mentioned this should be implemented in 8.3p1.

I have configured IdentityNow using the Amazon Web Services (AWS) Connector and am now able to report on IAM Users. However, I also have some AWS SSO users and am not able to report on these SSO users. Does the Amazon Web Services (AWS) Connector also manage AWS Single Sign-On (AWS SSO) users?

Version history
Revision #: 7 of 7
Last update: May 02, 2022 10:23 AM