For next steps, keeping Change identity source page open, will to switch your Google Admin console use service provider metadata information configure IAM Identity Center a custom SAML application. Google Workspace SAML application setup. Open Google Admin console a browser tab, that can copy metadata information the previous .
On Choose identity source page, select External identity provider, then choose Next. Configure external identity provider page opens. complete page the Google Workspace page Step 1, will to complete following: Identity Provider metadata section the IAM Identity Center console, will to either the following:
The federated user clicks the Google Workspaces SSO link AWS their browser. the user not logged in, will to Google Workspaces account login portal. Google federation service authenticates user credentials, then generates SAML authentication response identify user includes custom attributes. .
Set Google Workspace a SAML identity provider (IdP) AWS. Test integration Google Workspace AWS IAM. Roll to wider user base. Detailed procedures each these steps compose remainder this blog post. Step 1. Download Google identity provider (IdP) information
Enter Amazon Web Services the search field.; the search results, hover the Amazon Web Services SAML app click Select.; the Google Identity Provider details page, click Continue. the Service provider details page, ACS URL Entity ID values Amazon Web Services configured default. Click Continue.; the Attribute Mapping page, click Select field menu .
Join as walk the steps configuring Suite (aka Google Workspace) the IDP your Amazon Web Services Single-Sign On. . the IDP your Amazon Web Services Single-Sign .
Now, let's jump into setup AWS SSO Google Workspace. Set Google Workspace the identity store AWS SSO. 1. Enable AWS SSO. your AWS console, to AWS SSO service .
The user entity not a user account, it be logical object. maps Google Workspace (G Suite) user its primary email address the username the user acccount AWS SSO. user entity AWS SSO you grant Google Workspace (G Suite) user access AWS accounts define permissions those accounts.
Using Security Assertion Markup Language (SAML), users use Google Cloud credentials sign to enterprise-cloud applications. Set SSO SAML Amazon. Here's to set single sign-on (SSO) SAML the Amazon application. Step 1: Google identity provider (IdP) information
AWS Single Sign-On (SSO) it easy centrally manage access multiple AWS accounts business applications provide users single sign-on access all assigned accounts applications one place. . (Google Workspace) users AWS Single Sign-on (AWS SSO) Complete documentation available https://github.com .
Google Workspace SSO Configuration