In this article I will show you how to create Aws SSO and integrate it with you azure AD for Single Sign on (SSO)
Many organisations have multiple public cloud providers. The challenge with cloud for many organisation is having a good mechanism on user access management (UAM). Many organisation have also integrated there LDAP into Azure AD , and while there are better Identity provider( IdP) Microsoft have made good improvements in this space.
Aws SSO is amazon alternative to Azure AD and has many connector to 3rd parties however in this senario we are going to put Azure AD as the primary and use AWS SSO to integrate with an AWS organisation.
Login to you master AWS Organisation account and go to
When you login you will get a screen like bellow
Click the Enable AWS SSO . In the background SSO is provisioned in each of the organisations accounts . you can see this but looking at the subscriptions IAM
Once provisioned into SSO and click on choose Identity Source
Click Change identity Source from AWS SSO
Select External Identity provider and download the metadata file.
Next go to Azure AD Config Part 2