AWS Single Sign-On | Miscellaneous Flashcards
Does AWS SSO support single sign-on to native mobile and desktop applications?
Miscellaneous
AWS Single Sign-On | Security, Identity & Compliance
No. AWS SSO supports single sign-on to business applications through web browsers only.
What data will AWS SSO store on my behalf?
Miscellaneous
AWS Single Sign-On | Security, Identity & Compliance
AWS SSO will store data about which AWS accounts and cloud applications are assigned to which users and groups, as well as what permissions have been granted for accessing AWS accounts. AWS SSO will also create and manage IAM roles in individual AWS accounts for each permission set you grant access for your users.
Does AWS SSO support multifactor authentication (MFA)?
Miscellaneous
AWS Single Sign-On | Security, Identity & Compliance
Yes. You can require users to provide an additional factor for signing in to AWS SSO by operating a Remote Authentication Dial-In User Service (RADIUS) server and configuring the RADIUS server to work with Active Directory or AD Connector.
How do my employees get started using AWS SSO?
Miscellaneous
AWS Single Sign-On | Security, Identity & Compliance
Employees can get started with AWS SSO by visiting the AWS SSO user portal that is generated when you connect your directory to AWS SSO. They can sign in with their Active Directory user name and password and then view the accounts and applications assigned to them. To access an account or application, employees choose the associated icon from the AWS SSO user portal.