Amazon

Provisioning options reference

The AWS IAM Identity Center Provisioner allows you to enable actions independently and customize other provisioning options.

Field Name Description

User Create
Selected (default)

PingFederate creates users in AWS IAM Identity Center.

Cleared

PingFederate does not create users in AWS IAM Identity Center.

User Update
Selected (default)

PingFederate updates existing users in AWS IAM Identity Center.

Cleared

PingFederate does not update existing users in AWS IAM Identity Center.

User Disable / Delete
Selected (default)

PingFederate removes users from AWS IAM Identity Center according to the Remove User Action setting.

Cleared

PingFederate does not remove users from AWS IAM Identity Center.

Provision Disabled Users
Selected

PingFederate creates users in AWS IAM Identity Center with a "disabled" status.

Cleared (default)

If a user has a "disable" status, PingFederate does not create the user in AWS IAM Identity Center.

If any of the above options are cleared, PingFederate logs a warning in the user workflow section of provisioner.log when the related action fails.

Remove User Action

This option applies when:

  • User Disable / Delete is selected, and

  • a previously-provisioned user no longer meets the condition set on the Source Location tab, or

  • a user has been disabled or deleted from the data store.

    Delete

    PingFederate deletes the user from AWS IAM Identity Center.

    Disable (default)

    PingFederate disables the user in AWS IAM Identity Center.