DEV Community

Abdul Rehman
Abdul Rehman

Posted on

How to setup AWS IAM Identity Center with AWS Managed Microsoft AD

#aws #authentication #authorization #devops

This is a second article in series on Outsource your Authentication and Authorization to AWS IAM Identity Center.

In this article we will be configuring the AWS Managed Microsoft AD as an identity source for AWS IAM Identity Center(successor to AWS Single Sign-On).

Prerequisites

  • AWS Managed Microsoft AD, you can follow the previous article in series
  • AWS Organization should be already setup, it can be done in few clicks if any of you want a article on that feel free to leave a comment
  • Basic understanding of what are Single Sign-On Systems

I will be using N. Virginia(us-east-1) region throughout the series. To setup AWS IAM Identity Center with AWS Managed Microsoft AD follow the following steps:

  1. On your AWS Console search for Identity and click on IAM Identity Center IAM Identity Center
  2. Then enable and wait for few seconds Enable IAM Identity Center
  3. Now lets configure previously created Managed AD as our identity provider(IdP). For that click on Choose your identity source Configure IdP
  4. Then under Identity Source select Action and click on Change identity source Change identity source
  5. Then select Active Directory and Click Next Select Active Directory
  6. Then under Existing Directories select the AD we created previously and click Next Select the AD
  7. Now review all the consequences and type ACCEPT in confirmation box and click Change identity source Review idp
  8. Then wait for few seconds for changes to get applied and then you will be returned to Setting screen. Now click on Resume Sync Resume Sync
  9. Now we need Configure attribute mappings from AD to IAM Identity Center. AWS have recommended one we will go with them to configure at top of setting page click on Start guided setup Configure attribute mappings
  10. For now we don't need to modify the attribute mapping just click Next to configure it Configure attribute mappings
  11. Currently our AD have one user(Admin) and zero groups we will import Admin User searching Admin in search box then click Add and then select user and click next Import Admin User
  12. Then click on Save configuration Save configuration

That is it we have done all the required things to setup AWS IAM Identity Center with AWS Managed Microsoft AD.

Optional Step

Customize our access Portal URL.

  1. On your dashboard page. Click Customize in Setting Summary Customize URL
  2. Then access portal to your liking and click Save Image description

Lets Test our AWS Access Portal

  1. Copy the access Portal URL from Setting Summary
    Access Portal URL

  2. Access Portal using the URL you just copied. And login using Active Directory Admin Username and Password. If everything has been configured correctly you should see a Portal without any apps because we haven't configured any yet

Empty Access Portal

Top comments (0)

Read next

janasrikanth profile image

Most Commonly Used Docker Commands!

Srikanth Jana -

axeldlv profile image

Cloud Migration Strategies: The 7 Rs of Cloud Migration

Axel -

r0mymendez profile image

Deploying Docs-as-Code on AWS: Building Dynamic Documentation Sites in MkDocs and Docusaurus

Romina Mendez -

karthickdkk profile image

Dangerous Linux Configurations You Must Avoid for Secure Systems (Deep Dive)

karthick-dkk -