Cloud Identity Integration

AWS IAM Identity Center

Connect TigerIdentity to AWS IAM Identity Center (formerly AWS SSO) for unified cloud identity management, just-in-time access, and cross-account governance.

Key Features

AWS Account Sync

Automatically discover and sync users, groups, and permission sets across AWS accounts.

Identity Graph

Map AWS SSO identities to your unified identity graph for cross-cloud visibility.

Permission Set Mapping

Translate AWS permission sets into TigerIdentity entitlements for unified policy management.

Event Streaming

Subscribe to AWS CloudTrail events for real-time visibility into SSO access patterns.

Just-In-Time Access

Provision temporary AWS account access based on dynamic TigerIdentity policies.

Multi-Account Support

Manage identities across multiple AWS organizations and accounts from a single control plane.

How It Works

1. Connect

Configure the connector with your AWS Identity Center instance ARN and an IAM role with read permissions for the connector to assume.

2. Sync

TigerIdentity syncs users, groups, permission sets, and account assignments from your AWS organization.

3. Enforce Policies

Use AWS identity data in TigerIdentity policies to govern access across your entire stack.
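The Connect step calls for an IAM role with read permissions. The following is an added example, not TigerIdentity code, that audits a candidate policy for that role and reports any Allow statement that goes beyond read-only access. The expected service list and the List/Describe/Get prefix heuristic are assumptions, and the sample policies are constructed.

```python
# Assumption: the sync role only needs read calls in these services.
EXPECTED_SERVICES = {"sso", "identitystore", "organizations"}
READ_PREFIXES = ("list", "describe", "get")  # heuristic; IAM action names are case-insensitive


def _as_list(value):
    """IAM JSON allows a single value wherever a list is accepted."""
    return value if isinstance(value, list) else [value]


def audit_connector_policy(policy):
    """Return findings for Allow statements that exceed read-only access."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt:
            findings.append(f"Statement {i}: Allow with NotAction grants everything not listed")
        for action in _as_list(stmt.get("Action", [])):
            service, _, name = action.lower().partition(":")
            if service not in EXPECTED_SERVICES:
                findings.append(f"Statement {i}: {action} is outside the expected services")
            elif not name.startswith(READ_PREFIXES):
                findings.append(f"Statement {i}: {action} is not a read-only action")
    return findings


# Constructed sample policies (not taken from TigerIdentity documentation).
READ_ONLY_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*", "Action": [
        "sso:ListPermissionSets", "sso:DescribePermissionSet",
        "sso:ListAccountAssignments", "identitystore:ListUsers",
        "identitystore:ListGroups", "organizations:ListAccounts"]},
]}

OVERBROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*", "Action": "sso:*"},
    {"Effect": "Allow", "Resource": "*", "Action": [
        "sso:CreateAccountAssignment", "iam:PassRole", "identitystore:List*"]},
    {"Effect": "Allow", "Resource": "*", "NotAction": "iam:*"},
]}

if __name__ == "__main__":
    for label, doc in (("read-only", READ_ONLY_POLICY), ("over-broad", OVERBROAD_POLICY)):
        print(label, audit_connector_policy(doc) or "OK")
```

Just-in-time assignment requires write actions such as sso:CreateAccountAssignment, so this check applies only to the read-only sync role described in the Connect step.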

Configuration Example

connector:
  type: aws-identity-center
  name: "aws-sso-production"

  config:
    region: "us-east-1"
    instance_arn: "${AWS_SSO_INSTANCE_ARN}"
    identity_store_id: "${AWS_IDENTITY_STORE_ID}"
    role_arn: "${AWS_CONNECTOR_ROLE_ARN}"

  sync:
    users: true
    groups: true
    permission_sets: true
    account_assignments: true

  events:
    - sso.authentication
    - sso.assignment.created
    - sso.assignment.deleted
    - sso.permission_set.provisioned

  mapping:
    user_attributes:
      - aws: userName
        tiger: email
      - aws: displayName
        tiger: full_name
      - aws: department
        tiger: department

Use Cases

Cloud Identity Source

Use AWS Identity Center as your authoritative source for cloud workforce identities.

Cross-Cloud Governance

Unify AWS SSO access with Azure AD and GCP identities in a single governance model.

Temporary Privilege Elevation

Grant just-in-time access to AWS accounts with automatic time-bound permission set assignments.

Compliance Reporting

Generate audit trails showing who accessed which AWS accounts and when, across all organizations.
