Posts

Showing posts with the label sso

Guide to Implementing Authentication with NestJS and SSO Saml2

Introduction

SSO (Single Sign-On) is a centralized authentication mechanism that allows users to access multiple different systems with a single set of login credentials. Key advantages include:

- Improving user experience by reducing the number of passwords to remember.
- Enhancing security through centralized management and minimizing the risk of brute-force attacks at various points.

Purpose: To enable users to log in only once to one location (Identity Provider - IdP) but be able to access multiple different applications without re-entering their password.

Example: You log into your Google account, then open Gmail, YouTube, Drive without logging in again.

SAML & SAML2 (Security Assertion Markup Language)

SAML 1.0/1.1 were the first versions that laid the foundation for exchanging identity data using XML, but are now obsolete. SAML 2.0 (Saml2) is a strong combination and improvement, supporting modern web scenarios and becoming the most popular standard for SSO in Corporate/Enterpri...

Using IAM Identity Center and MFA Enforcement for AWS User Management

Introduction

This guide covers IAM Identity Center (formerly SSO) and MFA Enforcement (requiring two-factor authentication). IAM Identity Center (SSO) is a centralized access management service. It lets you manage user identities and permissions across all your AWS accounts and business apps in one place. When combined with MFA Enforcement, you create a high-security barrier while keeping the login experience smooth for your team.

Key Benefits

- Single Sign-On (SSO) Experience: Employees only need to remember one password to access all AWS resources via a custom portal.
- Maximum Security with MFA: Even if a password is leaked, attackers can't get in without the physical device or MFA app.
- Reduced Operational Risk: No more managing long-term Access Keys (which are easily leaked). These are replaced by short-lived, auto-expiring temporary tokens.

The Workflow

- Create a Resource Stack: Define permissions and groups, then assign permissions to those groups.
- Create Users: Use IAM Identity C...