mmjpp (mmjpp) asked a question.
My work organsiation want us to explore the option of using Okta to SSO into our AWS accounts.
From reading the documentation I understand that IAM Identity Centre will be the best fit. However, it is a requirement of mine to manage the users, groups and permissions within Identity Centre myself and not have Okta provision the user accounts etc.
This would mean I have to raise a ticket and request someone in a different department that is an Okta administrator to either edit user details or add users etc and this in reality is just not practicial because I could be waiting weeks for any progress.
If I were to change the identity source to use external third party Okta, can I still manaully provision, create users, groups and permissions in Identity centre myself and retain that element of control?
Hello @mmjpp (mmjpp) Thank you for reacting out to our Community!
Reviewing the documentation, it seems that would be the case. However this is something on AWS side, rather the Okta side.
You could use the "AWS Account Federation" application that has the SSO functionality and Provisioning, but it's not true provisioning. In this case you still have access to create users into AWS and manage them.
Hope this helps.
Community members help others by clicking Like or Select as Best on responses. Try it today.