AWS IAM Identity Center
AWS IAM Identity Center is a cloud service that allows you to grant your users access to AWS resources, such as Amazon EC2 instances, across multiple AWS accounts. By default, AWS IAM Identity Center now provides a directory that you can use to create users, organize them in groups, and set permissions across those groups.
Creating an AWS IAM Identity Center connection
An external identity provider with automatic provisioning must be configured to create an AWS IAM Identity Center connection.
To create the connection you need:
- An access token
- The SCIM URL
Using Access Token
To create the connection you need:
- A Start URL
- An Access Token
Obtaining the credentials
First, configure an external identity provider.
Follow the AWS IAM Identity Center docs to connect to your desired provider.
For G-Suite, follow the linked article.
Next, enable automatic provisioning to obtain the access token.
If it is not enabled, go to Settings > Enable automatic provisioning. A dialog window appears with the start URL and the Access Token. Save these values.
Otherwise, regenerate the access token by following the AWS documentation.
Creating your connection
- In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens, displaying icons of the available external service providers.
- Select the AWS IAM Identity Center icon. A dialog box with the name of the connection and the connection methods appears.
- (Optional) Edit the name of the connection. You cannot edit the name at a later stage.
- Select Access Token as the method to create the connection.
- Fill in the parameters:
  - The URL, including the /scim/v2/ suffix
  - The Access Token
- (Optional) Click Test Connection to test it.
- Click Create connection. The new connection appears on the Connections page.
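A pre-flight check for the two values the connection dialog asks for, as an added example that is not part of the original page or Blink's own code: it validates the URL (https, `/scim/v2/` suffix, no embedded credentials) and builds a read-only probe that refuses redirects so the token is never forwarded. The `ServiceProviderConfig` path is an assumption taken from the SCIM 2.0 standard, and any host or tenant value you pass in is your own.

```python
import urllib.error
import urllib.request
from urllib.parse import urlsplit, urlunsplit

SCIM_SUFFIX = "/scim/v2/"

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # refuse redirects so the bearer token is never forwarded

def normalize_scim_url(raw: str) -> str:
    """Return the SCIM base URL ending in /scim/v2/, or raise ValueError."""
    parts = urlsplit(raw.strip())
    if parts.scheme != "https":
        raise ValueError("SCIM URL must use https; the token travels in a header")
    if not parts.hostname or parts.username or parts.password:
        raise ValueError("SCIM URL needs a host and no embedded credentials")
    if parts.query or parts.fragment:
        raise ValueError("SCIM URL must not carry a query string or fragment")
    path = parts.path.rstrip("/") + "/"
    if not path.endswith(SCIM_SUFFIX):
        raise ValueError("SCIM URL must end with " + SCIM_SUFFIX)
    return urlunsplit(("https", parts.netloc, path, "", ""))

def build_probe(scim_url: str, token: str) -> urllib.request.Request:
    """Build (but do not send) a read-only GET against the SCIM endpoint."""
    token = token.strip()
    if not token or any(c.isspace() for c in token):
        raise ValueError("access token is empty or contains whitespace")
    # Assumption: the endpoint serves ServiceProviderConfig, as SCIM 2.0 defines.
    url = normalize_scim_url(scim_url) + "ServiceProviderConfig"
    return urllib.request.Request(url, method="GET", headers={
        "Authorization": "Bearer " + token,
        "Accept": "application/scim+json",
    })

def probe(scim_url: str, token: str, timeout: float = 10.0) -> str:
    """Send the probe and map the HTTP status to a verdict; the token is never printed."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(build_probe(scim_url, token), timeout=timeout) as resp:
            return "ok" if resp.status == 200 else "unexpected status %d" % resp.status
    except urllib.error.HTTPError as err:
        if err.code in (401, 403):
            return "token rejected: regenerate the access token"
        return "endpoint returned HTTP %d: check the SCIM URL" % err.code
    except urllib.error.URLError as err:
        return "cannot reach endpoint: %s" % err.reason
```

Read the token from a secret store or an environment variable when calling `probe`, not from a command-line argument, so it does not end up in shell history or process listings.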