A Presentation on CI/CD implementation using the Maven build tool, AWS CodeCommit as a Git repository, AWS CodeArtifact as a Maven Repository, AWS ECR as a Docker repository, OWASP CycloneDx to generate a Software Bill of Material, OWASP DepencencyTrack tool for vulnerability tracking.
Tag: AWS
Manage AWS Account Using IAM Identity Center or AWS Single Sign On
AWS IAM Identity Center is a cloud-based identity and access management (IAM) service that helps you manage your users and their access to AWS accounts and applications. It provides a single place to create, connect, and manage your workforce users, and to centrally manage their access across all your AWS accounts and applications.
AWS Identity Center (IAM Identity Center) is a service that makes it easy for you to centrally manage access to multiple AWS accounts and business applications. It provides your workforce with single sign-on access to all assigned accounts and applications from one place.
Here are some of the benefits of using AWS IAM Identity Center:
- Centralized access management: IAM Identity Center allows you to centrally manage access to all your AWS accounts and applications from a single console. This makes it easy to track who has access to what, and to revoke access as needed.
- Single sign-on: IAM Identity Center provides single sign-on (SSO) for all your AWS accounts and applications. This means that your users can sign in once to IAM Identity Center and then access all their assigned accounts and applications without having to enter their credentials again.
- Fine-grained permissions: IAM Identity Center allows you to define fine-grained permissions for your users. This means that you can control exactly what resources your users can access and what actions they can perform.
- Auditing and reporting: IAM Identity Center provides auditing and reporting capabilities. This allows you to track user activity and to identify potential security risks.
- Integration with other AWS services: IAM Identity Center integrates with other AWS services, such as AWS CloudTrail and AWS Security Hub. This allows you to get a comprehensive view of your AWS security posture.
Overall, AWS IAM Identity Center is a powerful tool that can help you to improve the security and efficiency of your AWS environment.
Here are some additional benefits of using IAM Identity Center:
- Reduced administrative overhead: IAM Identity Center can help you to reduce the administrative overhead of managing access to multiple AWS accounts and applications. This is because IAM Identity Center can automate many of the tasks that are involved in managing access, such as provisioning users, assigning permissions, and revoking access.
- Improved security: IAM Identity Center can help you to improve the security of your AWS environment by providing centralized access control and auditing capabilities. This can help you to prevent unauthorized access to your AWS resources and to identify and respond to security incidents more quickly.
- Increased compliance: IAM Identity Center can help you to demonstrate compliance with industry regulations such as HIPAA, PCI DSS, and GDPR. This is because IAM Identity Center provides auditing and reporting capabilities that can help you to track user activity and to identify potential security risks.
If you are looking for a way to centrally manage access to multiple AWS accounts and applications, then IAM Identity Center is a good option to consider. IAM Identity Center can help you to improve the security, efficiency, and compliance of your AWS environment.
AWS IAM Identity center was knows as AWS Single Sign-On (AWS SSO) service.
Start AWS IAM Identity center setup by opening a IAM Identity center dashboard page. (search from service search bar)
Open Identity Center Dashboard to enable the IAM Identity Center
If AWS Organization is not enabled and set this process also would ask for enable and set AWS Organization with IAM Identity center enable process.
Once AWS Organization is created and IAM Identity center is enabled, you are good to start setting IAM Identity center to create a user and provide permission to login into AWS Account also it allows you to federate Users with a Directory provider like Active Directory. In the Settings Summary, you can find the “AWS Access portal URL” This is the URL going to be used for login into AWS Account using IAM Identity center.
AWS Access portal url: https://xxxxxxxxaaa.awsapps.com/start
The Dashboard shows the Recommend setup steps to follow.
Step 1: Choose your identity source
Nothing needs to do unless you plan to use other identity stores then
Step 2: Create a Group and assign an permission
Create Group
Display List Crated Group
Step 3: Create a permission set by Policy for predefined permission set or create Custom permission set and assign to Group
Select AdministratorAccess from select an AWS Managed policy and click Next to set a detailed setting like session timeout.
Review and create a permission set.
Now it’s time to associate Account with permission set and group. For this select Account from AWS Organization
Select a Group from the list of groups to associate with Account
Select Permission set from a list of permissions
Review and submit to associate Account, Group, and Permission set.
Now Account, Group, and Permission Set the time to create a User with an email address, Name and add to the Admin group.
Select Admin Group from the group list
Review and Add the user. this would one-time password and login detail.
Now AWS IAM Identity Center is ready to log in. Open AWS Access portal URL to log in using the user and reset the password.
Once login into AWS Portal, you can select AWS Account and log in by assuming Admin Role or can get a Setting for AWS Cli configuration to use AWS Cli (V2) using AWS SSO.
Click on “Command line or programmatic access” would open a popup to show the AWS SSO tokens detailsĀ and the way to configure AWS Cli (V2) using AWS SSO
Happy AWSing!