When this feature is enabled, a user's available IAM roles are automatically synched via SAML. When a user signs in to the
, the user can select a role to use.
D s webapp
Per-user authentication to AWS has been enabled.
NOTE: Please be sure to verify that you have deployed the required policies as part of any IAM roles in use.
For more information, see Configure AWS Per-User Auth for Temporary Credentials.
- This feature is supported only for the SAML authentication method of SSO authentication native to the
. It is not supported for any other SSO auth method. For more information, see Configure SSO for SAML.
D s platform
- AWS permissions must be defined via IAM role and made available to an identity provider that adheres to SAML standards. The SAML identity provider must be configured with a list of SAML assertions containing the IAM roles that an external user may assume.