When
-
Session Host/Speaker(s)
AWS provides many different ways to support authentication approaches called "Single Sign On". These all allow users to log in to AWS or AWS-hosted applications using their campus credentials, without needing to create a local user within the account or application.
This session provides an overview of many of these approaches, with a discussion of some of the implications of using each one.
Sample topics to be covered:
- Authenticating infrastructure level (e.g., console, CLI) access to AWS
- AWS SSO
- SAML integration with the IAM console
- Authenticating applications hosted in AWS
- Authenticating to AWS "end user compute" services (e.g., Appstream, Quicksight)
- Using Cognito with SAML
- Hosting Shibboleth SPs in AWS
- Using OAuth/OIDC and custom OPs
[If this session is of interest/accepted I'll tighten up and clarify the outline.]