Identity Center 3 Flashcards
Application Assignments
What are App Assignments?
Way to AuthZ your Workforce Identities with cloud apps (SalesForce) or SAML apps
Application Assignments
What apps can use Identity Center?
SAML apps, cloud apps, some AWS Services, AWS Console
Application Assignments
Examples of AWS systems that use Identity Center for login?
SageMaker Studio, EC2 Windows instances
Application Assignments
What cloud apps can use Identity Center?
Piles, not just a few. Examples: Microsoft 365, DropBox, SAP, SonarQube, Splunk
Application Assignments
How many preintegrated apps come with Identity Center?
Dozens and dozens
Application Assignments
Examples of pre-integrated apps you can use with App Assignments?
Slack
Application Assignments
What are examples of SAML apps?
Salesforce and Microsoft 365
Multi-Account Perms, AWS Organizations
How does IC handle permissions across multiple AWS accounts?
IC holds the permissions, don’t have duplicate IAM Policies across accounts
Multi-Account Perms, AWS Organizations
Who can administer Identity Center?
Pick other AWS accounts in your Org you set up as Delegated Administrators
Multi-Account Perms, AWS Organizations
Isn’t delegating admin to an entire AWS acct insecure?
No, each Principal still needs Policy giving access to I.C.
Portal
How does the Portal work?
Auth with it, then just click any app icon to be automatically logged into it.
Portal
Caveat with the portal and new apps?
Might have to log out and back in again to see new apps.
Portal
How do you switch to a different user in the Portal?
You don’t. Sign out and back in as the other user. Lose all your logins to currently-running apps.
Portal
How do you avoid people constantly logging out and in to do different things?
One user per human, many roles. Can switch Roles easily in the Portal.
Portal
How does the Portal work to sign you into AWS accounts?
Just like Isengard: sign into Portal, click an AWS account you want to assume. Get CLI creds or web redirect.