Connect Okta to multiple Amazon Web Services instances
If you have more than 60 Amazon Web Services (AWS) accounts and want to manage app assignment from groups within an external directory (AD or LDAP), the preferred method is to connect to Okta using user groups. In addition to external directories, you can use other profile-mastered applications and local Okta groups.
The Okta-AWS integration does not use provisioning functionality.
There is no limitation on the number of AWS accounts and roles.
- About integrating multiple AWS instances
- About AWS user and group access management
- Configure AWS accounts and roles for SAML SSO
- Create AWS role groups in an external directory
- Create management groups to map users to AWS accounts and roles
- Import AWS role and management groups into Okta
- Enable group-based role mapping in Okta
- Assign AWS management groups to the Okta AWS app