
What happens to existing AWS IAM users when enabling IAM Identity Center?


I want to enable IAM Identity Center and configure an external IdP for an existing AWS account. This AWS account already has users, created with IAM.

What happens to these users?

I'm especially worried about users used by my application to, for example, access S3 buckets. They have no password but only an access key and secret. Will these users' keys work after the configuration of the external IdP?

Thanks


Solution

  • From "Does using the IAM Identity Center affect my IAM identities or federation configuration?":

    The IAM Identity Center is independent of identity federation configured using IAM. Using the IAM Identity Center doesn't impact IAM identities or your federation configuration.

    Note, AWS IAM Identity Center makes it easy to centrally manage access to multiple AWS accounts and provide users with single sign-on access to all their assigned accounts from one place.

    If you have only one account, you don't necessarily need to use AWS IAM Identity Center to configure an external IdP (you can, but it's not mandatory); you can also configure an external IdP at the account level (in IAM > Identity providers).
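
One way to check this on your own account, as an added example that is not part of the original answer or AWS's own code: the script below parses the IAM credential report to list the key-only users the question describes, then compares a report taken before enabling IAM Identity Center with one taken afterwards to see which keys have been used since. The sample CSV is constructed and trimmed to the columns used; the function names are hypothetical.

```python
import csv
import io

# Constructed sample in the column layout of the IAM credential report
# (`aws iam get-credential-report`), trimmed to the columns read below.
# Account ID, user names and dates are made up.
SAMPLE_REPORT = """\
user,arn,password_enabled,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
<root_account>,arn:aws:iam::111122223333:root,not_supported,false,N/A,false,N/A
alice,arn:aws:iam::111122223333:user/alice,true,false,N/A,false,N/A
app-s3-uploader,arn:aws:iam::111122223333:user/app-s3-uploader,false,true,2024-05-01T10:00:00+00:00,false,N/A
old-batch-job,arn:aws:iam::111122223333:user/old-batch-job,false,true,N/A,true,2023-01-15T08:30:00+00:00
"""


def key_only_users(report_csv):
    """Return IAM users with no console password but at least one active access key."""
    found = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["user"] == "<root_account>" or row["password_enabled"] == "true":
            continue
        keys = [{"slot": n, "last_used": row[f"access_key_{n}_last_used_date"]}
                for n in ("1", "2") if row[f"access_key_{n}_active"] == "true"]
        if keys:
            found.append({"user": row["user"], "arn": row["arn"], "active_keys": keys})
    return found


def idle_keys(before_csv, after_csv):
    """(user, slot) pairs whose last-used date did not advance between two reports.

    A key that is no longer active in the later report is also listed.
    """
    later = {(u["user"], k["slot"]): k["last_used"]
             for u in key_only_users(after_csv) for k in u["active_keys"]}
    return [(u["user"], k["slot"])
            for u in key_only_users(before_csv) for k in u["active_keys"]
            if later.get((u["user"], k["slot"]), k["last_used"]) == k["last_used"]]


if __name__ == "__main__":
    for u in key_only_users(SAMPLE_REPORT):
        print(u["user"], [(k["slot"], k["last_used"]) for k in u["active_keys"]])
```

A key listed by `idle_keys` has not necessarily stopped working; it may simply not have been used in the interval, so check the owning application before drawing conclusions.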