Amazon Web Services Connector

The Amazon Web Services (AWS) Connector allows PingFederate to integrate with Amazon’s AWS Identity and Access Management service for provisioning and single sign-on (SSO).

Features

Manages users in AWS IAM Identity Center based on changes in an external data store that is attached to PingFederate.
- Creates, updates, and deletes users.
- Allows you to enable the create, update, and delete capabilities independently.
Manages groups
- Creates groups
- Updates group memberships and names.
Enables browser-based SSO initiated by the identity provider (IdP).
Pre-populates some connection settings with the included quick connection template.
Supports the following attributes: UserName, Password, and PasswordResetRequired.
Pre-populates some connection settings with the included quick connection template.

Intended audience

This document is intended for PingFederate administrators.

Before you start, you should be familiar with the following:

The following sections of the AWS IAM Identity Center documentation:
- AWS Identity and Access Management (IAM)
- IAM Users
The following sections of the PingFederate documentation:

System requirements

PingFederate 8.0 or later.
To allow PingFederate to make outbound connections to AWS IAM Identity Center, you might need to allow the following endpoint in your firewall:
- https://iam.amazonaws.com