After mapping Amazon Web Services (AWS) role groupsGroups allow you to organize your end users and the apps they can access. Assigning apps to large sets of end users is made easier with groups. to entitlements, you need to assign all AWS management groups to the AWS appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. in Okta. If you have provisioning enabled and you can't assign a management group, disable provisioning and then assign all AWS management groups to the AWS app in Okta.
On the Okta AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. Console, click Applications.
- Enter AWS in the Search field.
- Click AWS Account Federation and click the Assignments tab.
Click Assign > Assign to Groups.
- For each AWS management group, click Assign.
- Click Done.
Users are automatically assigned to AWS and can access the entitlements you defined.
- Verify that users can access AWS from their Okta Dashboard and sign-on works as expected.