What's Identity Federation

What's Identity Federation?¶

• Federation lets users outside of AWS to assume temporary role for accessing AWS resources.
• These users assume identity provided access role.
• Federation assumes a form of 3rd part authentication:
  • [[LDAP]]
  • Microsoft [[Active Directory]] (~=[[SAML]])
  • AWS Single Sign ON (SSO)
  • [[Open ID]]
  • Programming/AWS/Cognito/AWS Cognito
• Using federation, you don't need to create IAM users (user management is outside of AWS)