How to use G Suite as an external identity provider for AWS SSO (Yann Stoneman)
Рет қаралды 10,955
3 жыл бұрынJoin me as I walk through the steps of configuring G Suite (aka Google Workspace) as the IDP for your Amazon Web Services Single-Sign On.
The tutorial I follow: aws.amazon.com/blogs/security...
Roles in G Suite, including the Super Admin role needed to follow along:
support.google.com/a/answer/2...
Supported Identity Providers in AWS SSO for automatic user provisioning:
docs.aws.amazon.com/singlesig...
To automatically sync G suite users via an AWS Lambda function or the CLI (not shown in video):
github.com/awslabs/ssosync
Follow me on:
- Medium at / ystoneman
- KZfaq at youtube.stonemancloud.com
- LinkedIn at / ystoneman
- Twitter at / yannstoneman
#GSuiteasanexternalidentityproviderforAWSSSO #gsuite #aws #SupportedIdentityProvidersinAWSSSO #yannstoneman
@drvoip 2 жыл бұрын
Good info but here are some other items you will NOT find in docs. First, the identify provider, role and policy must be created in the account that hosts the application you want the authenticated user to be referred to by SSO. Second, in an Organization the SSO must be configure in the Parent account, not the daughter accounts. - DrVoIP
@obax Жыл бұрын
Awesome info Yann. Please don't forget to upvote the useful answers in SO 😊
@zlw2161 Жыл бұрын
Dude you saved me lol, I was trying to figure this out for 2 days and I finally realized that the username I was creating wasn't the email address. As soon as I made the username the email address it worked! Thank you so much!
@YannStoneman Жыл бұрын
Phew - so glad I helped you over that hurdle!
@thedevtony8828 Жыл бұрын
You saved my ass with the fully qualified email in the username field comment! Quality stuff
@YannStoneman Жыл бұрын
Thanks so much for that, TheDevTony!! These are the kind of comments that make me do these videos!!
@zlw2161 Жыл бұрын
Me too I had the same issue!
@YannStoneman Жыл бұрын
@@zlw2161 nice to find out you’re not the only one huh :)
@pratikparikh8027 2 жыл бұрын
nice demo!
@user-dl1ei6ho9y 9 ай бұрын
Hi Yann, can you make same video for azure portal also how we can use google as identity provider in azure portal?
@user-dl1ei6ho9y 7 ай бұрын
Hi Yann, did you create the same for azure portal?
@user-dl1ei6ho9y 9 ай бұрын
Hi Yann, I have done this Configuration in AWS and it was really helpful, Now can you make one video on Azure Portal also , there how we can use Google as identity provider
@idansoffer5675 2 жыл бұрын
nice video !
@YannStoneman 2 жыл бұрын
Thanks Idan! And thanks for watching :)
@sureshkachwa5345 Жыл бұрын
How do we configure SAML2.0 through IAM Identity center for all your child accounts ?
@cyberwave8940 9 ай бұрын
Hey great tutorial, do you think it's possible to setup SSO for AWS workspaces with GWS as the IdP? I believe GWS doesn't support the proper StateID (sAMAccountName). Thoughts?
@YannStoneman 9 ай бұрын
Thanks for commenting! Glad you liked it. The nice thing about AWS SSO (now AWS IAM Identity Center), is that the IdP and the AWS service are decoupled. So as long as SSO supports GWS and Workspaces supports SSO, you should be good. Have you tried it? Testing it out should be pretty quick. Let me know how it goes!
Tiny Technical Tutorials
Рет қаралды 21 М.
DGR Uploads
Рет қаралды 1,3 М.
Gufee.medalin
Рет қаралды 10 МЛН
Security in Action 101
Рет қаралды 15 М.
Security in Action 101
Рет қаралды 8 М.