Difference between revisions of "AWS Solutions Architect/training/Section 4: AWS Directory Services and Federation"

Latest revision as of 16:38, 11 February 2024

37. Introduction
38. AWS Directory Services
39. Identity Providers and Federation
40. [HOL] IAM Identity Center IAM Identity Center (the successor to AWS SSO) offers SAML and OIDC options for Single Sign-On. AWS IC is the new thing that AWS will push you towards, and it could make sense for new installations. However, regular IAM isn't going away and if you are already deeply invested in that, you don't want to switch (without a good rationale).
41. Amazon Cognito Key use case is for web and mobile applications. Understand the difference between:
- Cognito User Pools - where the identities can come from (or they can come from other Identity Providers such as social IdPs/SAML/OIDC)
- Cognito Identity Pools - used to obtain temporary, limited-privilege credentials (through AWS STS) for AWS services by assuming IAM roles

@@ Line 1: / Line 1: @@
-* 37. Introduction
+*37. Introduction
-* 38. AWS Directory Services
+*38. AWS Directory Services
-* 39. Identity Providers and Federation
+*39. Identity Providers and Federation
-* 40. [HOL] IAM Identity Center
+*40. [HOL] IAM Identity Center IAM Identity Center (the successor to AWS SSO) offers SAML and OIDC options for Single Sign-On. AWS IC is the new thing that AWS will push you towards, and it could make sense for new installations. However, regular IAM isn't going away and if you are already deeply invested in that, you don't want to switch (without a good rationale).
-* 41. Amazon Cognito
+*41. Amazon Cognito Key use case is for web and mobile applications.  Understand the difference between:
+**Cognito User Pools - where the identities can come from (or they can come from other Identity Providers such as social IdPs/SAML/OIDC)
+**Cognito Identity Pools - used to obtain temporary, limited-privilege credentials (through AWS STS) for AWS services by assuming IAM roles