Configure AWS IAM Role Federated
What is an AWS IAM Role Federated session
An AWS IAM Role Federated session represents an access type that relies on a federation between an AWS account and an external Identity Provider.
AWS Identity and Access Management (IAM) supports identity federation for delegated access to the AWS Management Console or AWS APIs. With identity federation, external identities are granted secure access to resources in your AWS accounts through IAM roles.
These external identities can come from your corporate identity provider (such as Microsoft Active Directory or from the AWS Directory Service) or from a web identity provider (such as Amazon Cognito, Login with Amazon, Facebook, Google, or any OpenID Connect-compatible provider).
We currently only support SAML 2.0 federation.
- Refer to this guide to provision your own federated roles.
- Refer to this guide to configure and trust your SAML 2.0 Identity Provider.
Supported SAML Identity Providers
Is your SAML 2.0 Identity Provider not included in the above list? Please refer to the FAQ to add a new one.
How to configure an AWS IAM Role Federated in Leapp
- From the top bar, click on the plus icon to add a new session.
- Select "Amazon AWS" as the Cloud Provider.
- Select "AWS IAM Role Federated" as the access method.
- Provide the required information (described in the next section).
- Click on the "Create Session" button.
| ||Your friendly session name in Leapp. Give it a meaningful name so it will be easier to find inside Leapp.|
| ||Your friendly session name in the AWS credential file. You will be able to reference it from the AWS CLI with |
| ||Your default region of choice. Select the one which you use the most for this Session.|
| ||Your SAML URL interface to start the authentication flow and log into your Identity provider.|
| ||Your Identity Provider ID in AWS. You can find it in the Identity Providers section of IAM.|
| ||Your IAM Role unique ID. The active Session will refer to this Role.|