This tutorial describes how you can configure SSO for AWS.
- Log in to the WSO2 Identity Cloud using the admin credentials.
- Click Download IDP metadata to download the metadata XML file.
- Go to https://aws.amazon.com and sign in to the AWS Management Console using a valid AWS account.
- On the AWS services page, under Security, Identity & Compliance, click IAM.
- In the left navigation panel, click Identity providers.
- Create an identity provider by selecting SAML as the provider type, entering a provider name, and uploading the metadata XML file.
- In the left navigation panel, click Roles.
- Enter a unique role name and click Next Step at the bottom of the page.
- On the select role type page, select Role for Identity Provider Access, then select Grant Web Single Sign-on (WebSSO) access to SAML providers.
Grant Web Single Sign-On (SSO) access to SAML identity providers or Grant API access to SAML identity providers.
- On the establishing trust page, select the provider that you're creating the role for (i.e. wso2_identity_cloud).
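
The trust established in the last steps ends up as the role's trust policy, so it is worth checking once the role exists. The following is an added example, not part of the original tutorial: it builds a trust policy of the kind a SAML web SSO role carries and audits a policy for the two properties that matter, a single trusted provider and a pinned `SAML:aud`. The account ID is a placeholder and the function names are hypothetical.

```python
import json

AWS_SAML_AUDIENCE = "https://signin.aws.amazon.com/saml"  # AWS console SAML sign-in endpoint
# Constructed sample: placeholder account ID, provider name taken from the tutorial.
PROVIDER_ARN = "arn:aws:iam::123456789012:saml-provider/wso2_identity_cloud"

def build_trust_policy(provider_arn):
    """Trust policy for a role assumable through web SSO from one SAML provider."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": provider_arn},
            "Action": "sts:AssumeRoleWithSAML",
            "Condition": {"StringEquals": {"SAML:aud": AWS_SAML_AUDIENCE}},
        }],
    }

def _as_list(value):
    # IAM allows a single string/object or a list in these fields; normalise to a list.
    return [value] if isinstance(value, (str, dict)) else list(value or [])

def audit_trust_policy(policy, expected_arn):
    """Return findings for the role's SAML trust; an empty list means it is as expected."""
    findings, saml_seen = [], False
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithSAML" not in _as_list(stmt.get("Action")):
            continue
        saml_seen = True
        principal = stmt.get("Principal", {})
        federated = principal.get("Federated") if isinstance(principal, dict) else principal
        if _as_list(federated) != [expected_arn]:
            findings.append(f"statement {i}: trusted principal is not only {expected_arn}")
        aud = stmt.get("Condition", {}).get("StringEquals", {}).get("SAML:aud")
        if aud != AWS_SAML_AUDIENCE:
            findings.append(f"statement {i}: SAML:aud is not pinned to {AWS_SAML_AUDIENCE}")
    if not saml_seen:
        findings.append("no Allow statement for sts:AssumeRoleWithSAML")
    return findings

if __name__ == "__main__":
    print(json.dumps(build_trust_policy(PROVIDER_ARN), indent=2))
    print(audit_trust_policy(build_trust_policy(PROVIDER_ARN), PROVIDER_ARN))
```

To audit a real role, pass the trust policy document shown on the role's Trust relationships tab in IAM, parsed with `json.loads`, as `policy`.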