--- title: Amazon Web Services Connector description: The Amazon Web Services (AWS) Connector allows PingFederate to integrate with Amazon's AWS Identity and Access Management service for provisioning and single sign-on (SSO). component: amazon page_id: amazon:amazon_web_services_connector:pf_aws_connector canonical_url: https://docs.pingidentity.com/integrations/amazon/amazon_web_services_connector/pf_aws_connector.html revdate: July 3, 2024 section_ids: features: Features intended-audience: Intended audience system-requirements: System requirements --- # Amazon Web Services Connector The Amazon Web Services (AWS) Connector allows PingFederate to integrate with Amazon's AWS Identity and Access Management service for provisioning and single sign-on (SSO). ## Features * Manages users in Amazon Web Services based on changes in an external data store that is attached to PingFederate. * Creates, updates, and deletes users. * Allows you to enable the create, update, and delete capabilities independently. * Manages groups * Creates groups * Updates group memberships and names. * Enables browser-based SSO initiated by the identity provider (IdP). * Pre-populates some connection settings with the included quick connection template. * Supports the following attributes: `UserName`, `Password`, and `PasswordResetRequired`. * Pre-populates some connection settings with the included quick connection template. ## Intended audience This document is intended for PingFederate administrators. Before you start, you should be familiar with the following: * The following sections of the Amazon Web Services documentation: * [AWS Identity and Access Management (IAM)](https://aws.amazon.com/iam/) * [IAM Users](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html) * The following sections of the PingFederate documentation: * [Identity provider SSO configuration](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/pf_ident_provid_sso_config.html) * [Datastores](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_managedatasourcestasklet_managedatasourcesstate.html) * [Managing IdP adapters](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/pf_managing_idp_adapters.html) * [Managing digital signing certificates and decryption keys](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_certmanagementtasklet_dsigsigningcert_certmanagementstate.html) * [SP connection management](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/pf_sp_connect_management.html) * [Configuring outbound provisioning](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_spconnectionconfigtasklet_saasprovisioningstate.html) * [Configuring outbound provisioning settings](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_protocolsettingstasklet_saasglobalprovisioningsettingsstate.html) ## System requirements * PingFederate 8.0 or later. * To allow PingFederate to make outbound connections to Amazon Web Services, you might need to allow the following endpoint in your firewall: * https\://iam.amazonaws.com