AWS IAM Identity Center

AWS IAM Identity Center is a cloud service that allows you to grant your users access to AWS resources, such as Amazon EC2 instances, across multiple AWS accounts. By default, AWS IAM Identity Center now provides a directory that you can use to create users, organize them in groups, and set permissions across those groups.

Creating an AWS IAM Identity Center connection

An external identity provider with automatic provisioning must be configured to create an AWS IAM Identity Center connection.

To create the connection you need:

  • An access token
  • The SCIM URL

Using Access Token

To create the connection you need:

  • A Start URL
  • An Access Token

Obtaining the credentials

First, configure an external identity provider.

Follow the AWS IAM Identity Center docs to connect to your desired provider.

For G-Suite, follow the linked article.

Next, enable automatic provisioning to obtain the access token.

If it is not enabled, go to Settings > Enable automatic provisioning. A dialog window appears with the Start URL and the Access Token. Save these values.

Otherwise, regenerate the access token by following the AWS documentation.

Creating your connection

  1. In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens, displaying icons of the available external service providers.
  2. Select the AWS IAM Identity Center icon. A dialog box with the name of the connection and the connection methods appears.
  3. (Optional) Edit the name of the connection. You cannot edit the name at a later stage.
  4. Select Access Token as the method to create the connection.
  5. Fill in the parameters:
    • The URL, including the /scim/v2/ suffix
    • The Access Token
  6. (Optional) Click Test Connection to test it.
  7. Click Create connection. The new connection appears on the Connections page.