{"id":15993,"date":"2020-10-20T12:15:00","date_gmt":"2020-10-20T10:15:00","guid":{"rendered":"https:\/\/www.weare.fi\/?p=15993"},"modified":"2026-03-19T13:45:27","modified_gmt":"2026-03-19T11:45:27","slug":"azure-ad-sso","status":"publish","type":"post","link":"https:\/\/www.weare.fi\/en\/azure-ad-sso\/","title":{"rendered":"Azure AD SSO to AWS (Console and CLI) | Step-by-step Guide"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"15993\" class=\"elementor elementor-15993\" data-elementor-settings=\"{&quot;ha_cmc_init_switcher&quot;:&quot;no&quot;}\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-30a7f79f elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"30a7f79f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;motion_fx_opacity_range&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:{&quot;start&quot;:20,&quot;end&quot;:30}},&quot;sticky&quot;:&quot;top&quot;,&quot;motion_fx_motion_fx_scrolling&quot;:&quot;yes&quot;,&quot;motion_fx_opacity_effect&quot;:&quot;yes&quot;,&quot;_ha_eqh_enable&quot;:false,&quot;motion_fx_opacity_direction&quot;:&quot;out-in&quot;,&quot;motion_fx_opacity_level&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:10,&quot;sizes&quot;:[]},&quot;motion_fx_devices&quot;:[&quot;desktop&quot;,&quot;tablet_extra&quot;,&quot;tablet&quot;,&quot;mobile_extra&quot;,&quot;mobile&quot;],&quot;sticky_on&quot;:[&quot;desktop&quot;,&quot;tablet_extra&quot;,&quot;tablet&quot;,&quot;mobile_extra&quot;,&quot;mobile&quot;],&quot;sticky_offset&quot;:0,&quot;sticky_effects_offset&quot;:0,&quot;sticky_anchor_link_offset&quot;:0}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-338c91c9\" data-id=\"338c91c9\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-395c126a elementor-widget elementor-widget-theme-site-logo elementor-widget-image\" data-id=\"395c126a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"theme-site-logo.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/www.weare.fi\/en\">\n\t\t\t<img decoding=\"async\" width=\"429\" height=\"89\" data-src=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2021\/10\/pieni_logo_horiso@2x-78x16.png\" class=\"attachment-full size-full wp-image-2197 lazyload\" alt=\"\" data-srcset=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2021\/10\/pieni_logo_horiso@2x.png 429w, https:\/\/www.weare.fi\/wp-content\/uploads\/2021\/10\/pieni_logo_horiso@2x-300x62.png 300w, https:\/\/www.weare.fi\/wp-content\/uploads\/2021\/10\/pieni_logo_horiso@2x-18x4.png 18w, https:\/\/www.weare.fi\/wp-content\/uploads\/2021\/10\/pieni_logo_horiso@2x-78x16.png 78w\" data-sizes=\"(max-width: 429px) 100vw, 429px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 429px; --smush-placeholder-aspect-ratio: 429\/89;\" \/>\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-7427e1f7\" data-id=\"7427e1f7\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3d3265b8 elementor-nav-menu__align-end header elementor-nav-menu--dropdown-tablet_extra elementor-hidden-tablet_extra elementor-hidden-tablet elementor-hidden-mobile_extra elementor-hidden-mobile elementor-nav-menu__text-align-aside elementor-nav-menu--toggle elementor-nav-menu--burger elementor-widget elementor-widget-nav-menu\" data-id=\"3d3265b8\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;i class=\\&quot;fas fa-chevron-down\\&quot; aria-hidden=\\&quot;true\\&quot;&gt;&lt;\\\/i&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;layout&quot;:&quot;horizontal&quot;,&quot;toggle&quot;:&quot;burger&quot;}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<nav aria-label=\"Menu\" class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-horizontal e--pointer-none\">\n\t\t\t\t<ul id=\"menu-1-3d3265b8\" class=\"elementor-nav-menu\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-16592\"><a href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/\" class=\"elementor-item menu-link\">Splunk<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-24023\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/observability\/\" class=\"elementor-item menu-link\">Observability<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-19823\"><a href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/observability-as-a-service\/\" class=\"elementor-sub-item menu-link\">Observointi palveluna<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-21974\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/weare-observability-hub\/\" class=\"elementor-sub-item menu-link\">Observability Hub<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-24069\"><a href=\"https:\/\/www.weare.fi\/en\/free-observability-maturity-assessment\/\" class=\"elementor-sub-item menu-link\">Free Observability Maturity Assessment<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-23594\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/atlassian-solutions-consulting-services\/\" class=\"elementor-item menu-link\">Atlassian<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-23595\"><a href=\"https:\/\/www.weare.fi\/en\/atlassian-solutions-consulting-services\/jira-consulting\/\" class=\"elementor-sub-item menu-link\">Jira Services<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-2467\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/uutiset\/\" class=\"elementor-item menu-link\">Blogs<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-19720\"><a href=\"https:\/\/www.weare.fi\/en\/asiakastarinat\/\" class=\"elementor-sub-item menu-link\">Asiakastarinat<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-12800\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/meista\/\" class=\"elementor-item menu-link\">Meist\u00e4<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-11982\"><a href=\"https:\/\/careers.weare.fi\/\" class=\"elementor-sub-item menu-link\">Rekrytointi<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-2753\"><a href=\"https:\/\/www.weare.fi\/en\/meista\/yritysvastuullisuus\/\" class=\"elementor-sub-item menu-link\">Yritysvastuullisuus<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t<div class=\"elementor-menu-toggle\" role=\"button\" tabindex=\"0\" aria-label=\"Menu Toggle\" aria-expanded=\"false\">\n\t\t\t<i aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--open eicon-menu-bar\"><\/i><i aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--close eicon-close\"><\/i>\t\t<\/div>\n\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-3d3265b8\" class=\"elementor-nav-menu\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-16592\"><a href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Splunk<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-24023\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/observability\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Observability<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-19823\"><a href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/observability-as-a-service\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Observointi palveluna<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-21974\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/weare-observability-hub\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Observability Hub<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-24069\"><a href=\"https:\/\/www.weare.fi\/en\/free-observability-maturity-assessment\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Free Observability Maturity Assessment<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-23594\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/atlassian-solutions-consulting-services\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Atlassian<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-23595\"><a href=\"https:\/\/www.weare.fi\/en\/atlassian-solutions-consulting-services\/jira-consulting\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Jira Services<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-2467\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/uutiset\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Blogs<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-19720\"><a href=\"https:\/\/www.weare.fi\/en\/asiakastarinat\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Asiakastarinat<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-12800\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/meista\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Meist\u00e4<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-11982\"><a href=\"https:\/\/careers.weare.fi\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Rekrytointi<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-2753\"><a href=\"https:\/\/www.weare.fi\/en\/meista\/yritysvastuullisuus\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Yritysvastuullisuus<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1cdb4865 elementor-nav-menu__align-end header elementor-nav-menu--dropdown-tablet_extra elementor-hidden-desktop elementor-nav-menu--stretch elementor-nav-menu__text-align-aside elementor-nav-menu--toggle elementor-nav-menu--burger elementor-widget elementor-widget-nav-menu\" data-id=\"1cdb4865\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;i class=\\&quot;fas fa-chevron-down\\&quot; aria-hidden=\\&quot;true\\&quot;&gt;&lt;\\\/i&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;full_width&quot;:&quot;stretch&quot;,&quot;layout&quot;:&quot;horizontal&quot;,&quot;toggle&quot;:&quot;burger&quot;}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<nav aria-label=\"Menu\" class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-horizontal e--pointer-none\">\n\t\t\t\t<ul id=\"menu-1-1cdb4865\" class=\"elementor-nav-menu\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-17209\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/\" class=\"elementor-item menu-link\">Splunk<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-22078\"><a href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/observability-as-a-service\/\" class=\"elementor-sub-item menu-link\">Observability as a Service<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-23719\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/atlassian-solutions-consulting-services\/\" class=\"elementor-item menu-link\">Atlassian<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-23720\"><a href=\"https:\/\/www.weare.fi\/en\/atlassian-solutions-consulting-services\/jira-consulting\/\" class=\"elementor-sub-item menu-link\">Jira<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-12786\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/palvelut\/\" class=\"elementor-item menu-link\">Palvelut<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-22226\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/weare-observability-hub\/\" class=\"elementor-sub-item menu-link\">Observability Hub<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-17638\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/ohjelmistokehitys\/\" class=\"elementor-sub-item menu-link\">Ohjelmistokehitys<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-18756\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/247-service-center\/\" class=\"elementor-sub-item menu-link\">24\/7 Service Center<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-18757\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/talent-factory\/\" class=\"elementor-sub-item menu-link\">WeAre Talent Factory<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-16587\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/pilvipalvelut\/\" class=\"elementor-sub-item menu-link\">Pilvipalvelut<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-16588\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/identiteetin-ja-paasynhallinta-iam\/\" class=\"elementor-sub-item menu-link\">Identiteetin- ja p\u00e4\u00e4synhallinta<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-16253\"><a href=\"https:\/\/www.weare.fi\/en\/innovaatiot\/\" class=\"elementor-item menu-link\">Innovaatiot<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-19721\"><a href=\"https:\/\/www.weare.fi\/en\/asiakastarinat\/\" class=\"elementor-item menu-link\">Asiakastarinat<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-2632\"><a href=\"https:\/\/www.weare.fi\/en\/uutiset\/\" class=\"elementor-item menu-link\">Blogs<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-12801\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/meista\/\" class=\"elementor-item menu-link\">Meist\u00e4<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-11990\"><a href=\"https:\/\/careers.weare.fi\/\" class=\"elementor-sub-item menu-link\">Rekrytointi<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4801\"><a href=\"https:\/\/www.weare.fi\/en\/meista\/yritysvastuullisuus\/\" class=\"elementor-sub-item menu-link\">Yritysvastuullisuus<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-13935\"><a href=\"https:\/\/www.weare.fi\/en\/ota-yhteytta\/\" class=\"elementor-item menu-link\">Ota yhteytt\u00e4<\/a><\/li>\n<li class=\"trp-language-switcher-container menu-item menu-item-type-post_type menu-item-object-language_switcher current-language-menu-item menu-item-2636\"><a href=\"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993#TRPLINKPROCESSED\" class=\"elementor-item elementor-item-anchor menu-link\"><span data-no-translation><img decoding=\"async\" class=\"trp-flag-image lazyload\" data-src=\"https:\/\/www.weare.fi\/wp-content\/plugins\/translatepress-multilingual\/assets\/images\/flags\/fi.png\" width=\"18\" height=\"12\" alt=\"fi\" title=\"Finnish\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 18px; --smush-placeholder-aspect-ratio: 18\/12;\"><span class=\"trp-ls-language-name\">FI<\/span><\/span><\/a><\/li>\n<li class=\"trp-language-switcher-container menu-item menu-item-type-post_type menu-item-object-language_switcher current-language-menu-item menu-item-2634\"><a href=\"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993#TRPLINKPROCESSED\" class=\"elementor-item elementor-item-anchor menu-link\"><span data-no-translation><img decoding=\"async\" class=\"trp-flag-image lazyload\" data-src=\"https:\/\/www.weare.fi\/wp-content\/plugins\/translatepress-multilingual\/assets\/images\/flags\/en_GB.png\" width=\"18\" height=\"12\" alt=\"en_GB\" title=\"English\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 18px; --smush-placeholder-aspect-ratio: 18\/12;\"><span class=\"trp-ls-language-name\">EN<\/span><\/span><\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t<div class=\"elementor-menu-toggle\" role=\"button\" tabindex=\"0\" aria-label=\"Menu Toggle\" aria-expanded=\"false\">\n\t\t\t<i aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--open eicon-menu-bar\"><\/i><i aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--close eicon-close\"><\/i>\t\t<\/div>\n\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-1cdb4865\" class=\"elementor-nav-menu\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-17209\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Splunk<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-22078\"><a href=\"https:\/\/www.weare.fi\/en\/splunk-konsultointipalvelut\/observability-as-a-service\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Observability as a Service<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-23719\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/atlassian-solutions-consulting-services\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Atlassian<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-23720\"><a href=\"https:\/\/www.weare.fi\/en\/atlassian-solutions-consulting-services\/jira-consulting\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Jira<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-12786\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/palvelut\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Palvelut<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-22226\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/weare-observability-hub\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Observability Hub<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-17638\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/ohjelmistokehitys\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Ohjelmistokehitys<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-18756\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/247-service-center\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">24\/7 Service Center<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-18757\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/talent-factory\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">WeAre Talent Factory<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-16587\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/pilvipalvelut\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Pilvipalvelut<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-16588\"><a href=\"https:\/\/www.weare.fi\/en\/palvelut\/identiteetin-ja-paasynhallinta-iam\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Identiteetin- ja p\u00e4\u00e4synhallinta<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-16253\"><a href=\"https:\/\/www.weare.fi\/en\/innovaatiot\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Innovaatiot<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-19721\"><a href=\"https:\/\/www.weare.fi\/en\/asiakastarinat\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Asiakastarinat<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-2632\"><a href=\"https:\/\/www.weare.fi\/en\/uutiset\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Blogs<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-12801\"><a aria-expanded=\"false\" href=\"https:\/\/www.weare.fi\/en\/meista\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Meist\u00e4<span role=\"button\" class=\"dropdown-menu-toggle ast-header-navigation-arrow\" tabindex=\"0\" aria-expanded=\"false\" aria-label=\"Menu Toggle\" aria-haspopup=\"true\"><\/span><\/a>\n<ul class=\"sub-menu elementor-nav-menu--dropdown\">\n\t<li class=\"menu-item menu-item-type-custom menu-item-object-custom menu-item-11990\"><a href=\"https:\/\/careers.weare.fi\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Rekrytointi<\/a><\/li>\n\t<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4801\"><a href=\"https:\/\/www.weare.fi\/en\/meista\/yritysvastuullisuus\/\" class=\"elementor-sub-item menu-link\" tabindex=\"-1\">Yritysvastuullisuus<\/a><\/li>\n<\/ul>\n<\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-13935\"><a href=\"https:\/\/www.weare.fi\/en\/ota-yhteytta\/\" class=\"elementor-item menu-link\" tabindex=\"-1\">Ota yhteytt\u00e4<\/a><\/li>\n<li class=\"trp-language-switcher-container menu-item menu-item-type-post_type menu-item-object-language_switcher current-language-menu-item menu-item-2636\"><a href=\"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993#TRPLINKPROCESSED\" class=\"elementor-item elementor-item-anchor menu-link\" tabindex=\"-1\"><span data-no-translation><img decoding=\"async\" class=\"trp-flag-image lazyload\" data-src=\"https:\/\/www.weare.fi\/wp-content\/plugins\/translatepress-multilingual\/assets\/images\/flags\/fi.png\" width=\"18\" height=\"12\" alt=\"fi\" title=\"Finnish\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 18px; --smush-placeholder-aspect-ratio: 18\/12;\"><span class=\"trp-ls-language-name\">FI<\/span><\/span><\/a><\/li>\n<li class=\"trp-language-switcher-container menu-item menu-item-type-post_type menu-item-object-language_switcher current-language-menu-item menu-item-2634\"><a href=\"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993#TRPLINKPROCESSED\" class=\"elementor-item elementor-item-anchor menu-link\" tabindex=\"-1\"><span data-no-translation><img decoding=\"async\" class=\"trp-flag-image lazyload\" data-src=\"https:\/\/www.weare.fi\/wp-content\/plugins\/translatepress-multilingual\/assets\/images\/flags\/en_GB.png\" width=\"18\" height=\"12\" alt=\"en_GB\" title=\"English\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 18px; --smush-placeholder-aspect-ratio: 18\/12;\"><span class=\"trp-ls-language-name\">EN<\/span><\/span><\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-159d77ef elementor-hidden-mobile\" data-id=\"159d77ef\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-38e99ce6 elementor-hidden-tablet_extra elementor-hidden-tablet elementor-hidden-mobile_extra elementor-hidden-mobile elementor-widget elementor-widget-button\" data-id=\"38e99ce6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"\/ota-yhteytta\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Ota yhteytt\u00e4<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-25 elementor-top-column elementor-element elementor-element-52e0c118 elementor-hidden-mobile\" data-id=\"52e0c118\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e079aea elementor-nav-menu__align-center elementor-hidden-tablet_extra elementor-hidden-tablet elementor-hidden-mobile_extra elementor-hidden-mobile elementor-nav-menu--dropdown-tablet elementor-nav-menu__text-align-aside elementor-widget elementor-widget-nav-menu\" data-id=\"e079aea\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;i class=\\&quot;fas fa-globe\\&quot; aria-hidden=\\&quot;true\\&quot;&gt;&lt;\\\/i&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;layout&quot;:&quot;horizontal&quot;}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<nav aria-label=\"Menu\" class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-horizontal e--pointer-none\">\n\t\t\t\t<ul id=\"menu-1-e079aea\" class=\"elementor-nav-menu\"><li class=\"trp-language-switcher-container menu-item menu-item-type-post_type menu-item-object-language_switcher current-language-menu-item menu-item-2418\"><a href=\"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993#TRPLINKPROCESSED\" class=\"elementor-item elementor-item-anchor menu-link\"><span data-no-translation><img decoding=\"async\" class=\"trp-flag-image lazyload\" data-src=\"https:\/\/www.weare.fi\/wp-content\/plugins\/translatepress-multilingual\/assets\/images\/flags\/en_GB.png\" width=\"18\" height=\"12\" alt=\"en_GB\" title=\"English\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 18px; --smush-placeholder-aspect-ratio: 18\/12;\"><span class=\"trp-ls-language-name\">EN<\/span><\/span><\/a><\/li>\n<li class=\"trp-language-switcher-container menu-item menu-item-type-post_type menu-item-object-language_switcher current-language-menu-item menu-item-2420\"><a href=\"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993#TRPLINKPROCESSED\" class=\"elementor-item elementor-item-anchor menu-link\"><span data-no-translation><img decoding=\"async\" class=\"trp-flag-image lazyload\" data-src=\"https:\/\/www.weare.fi\/wp-content\/plugins\/translatepress-multilingual\/assets\/images\/flags\/fi.png\" width=\"18\" height=\"12\" alt=\"fi\" title=\"Finnish\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 18px; --smush-placeholder-aspect-ratio: 18\/12;\"><span class=\"trp-ls-language-name\">FI<\/span><\/span><\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-e079aea\" class=\"elementor-nav-menu\"><li class=\"trp-language-switcher-container menu-item menu-item-type-post_type menu-item-object-language_switcher current-language-menu-item menu-item-2418\"><a href=\"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993#TRPLINKPROCESSED\" class=\"elementor-item elementor-item-anchor menu-link\" tabindex=\"-1\"><span data-no-translation><img decoding=\"async\" class=\"trp-flag-image lazyload\" data-src=\"https:\/\/www.weare.fi\/wp-content\/plugins\/translatepress-multilingual\/assets\/images\/flags\/en_GB.png\" width=\"18\" height=\"12\" alt=\"en_GB\" title=\"English\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 18px; --smush-placeholder-aspect-ratio: 18\/12;\"><span class=\"trp-ls-language-name\">EN<\/span><\/span><\/a><\/li>\n<li class=\"trp-language-switcher-container menu-item menu-item-type-post_type menu-item-object-language_switcher current-language-menu-item menu-item-2420\"><a href=\"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993#TRPLINKPROCESSED\" class=\"elementor-item elementor-item-anchor menu-link\" tabindex=\"-1\"><span data-no-translation><img decoding=\"async\" class=\"trp-flag-image lazyload\" data-src=\"https:\/\/www.weare.fi\/wp-content\/plugins\/translatepress-multilingual\/assets\/images\/flags\/fi.png\" width=\"18\" height=\"12\" alt=\"fi\" title=\"Finnish\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 18px; --smush-placeholder-aspect-ratio: 18\/12;\"><span class=\"trp-ls-language-name\">FI<\/span><\/span><\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4b91cd6c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4b91cd6c\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;shape_divider_bottom&quot;:&quot;tilt&quot;}\">\n\t\t\t\t\t<div class=\"elementor-shape elementor-shape-bottom\" aria-hidden=\"true\" data-negative=\"false\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 1000 100\" preserveAspectRatio=\"none\">\n\t<path class=\"elementor-shape-fill\" d=\"M0,6V0h1000v100L0,6z\"\/>\n<\/svg>\t\t<\/div>\n\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-60aa8fa0\" data-id=\"60aa8fa0\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-215e112 elementor-widget elementor-widget-spacer\" data-id=\"215e112\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-48a28600 elementor-widget elementor-widget-theme-post-title elementor-page-title elementor-widget-heading\" data-id=\"48a28600\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"theme-post-title.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Azure AD SSO to AWS (Console and CLI) | Step-by-step Guide<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5c557567 elementor-align-center elementor-widget elementor-widget-post-info\" data-id=\"5c557567\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"post-info.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-inline-items elementor-icon-list-items elementor-post-info\">\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-b2a862d elementor-inline-item\" itemprop=\"author\">\n\t\t\t\t\t\t<a href=\"https:\/\/www.weare.fi\/en\/author\/jerkkila\/\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-author\">\n\t\t\t\t\t\t\t\t\t\tJuho Erkkil\u00e4\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t<\/li>\n\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-62990f6 elementor-inline-item\" itemprop=\"datePublished\">\n\t\t\t\t\t\t<a href=\"https:\/\/www.weare.fi\/en\/2020\/10\/20\/\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-date\">\n\t\t\t\t\t\t\t\t\t\t<time>20\/10\/2020<\/time>\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t<\/li>\n\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-30b7c61a elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"30b7c61a\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-18b1490b\" data-id=\"18b1490b\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-54e11b elementor-widget elementor-widget-theme-post-featured-image elementor-widget-image\" data-id=\"54e11b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"theme-post-featured-image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"2560\" height=\"1280\" data-src=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/Weare-blog-thumbnails-9-1.png\" class=\"attachment-full size-full wp-image-24700 lazyload\" alt=\"Azure AD SSO to AWS (Console and CLI)\" data-srcset=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/Weare-blog-thumbnails-9-1.png 2560w, https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/Weare-blog-thumbnails-9-1-300x150.png 300w, https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/Weare-blog-thumbnails-9-1-1024x512.png 1024w, https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/Weare-blog-thumbnails-9-1-768x384.png 768w, https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/Weare-blog-thumbnails-9-1-1536x768.png 1536w, https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/Weare-blog-thumbnails-9-1-2048x1024.png 2048w, https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/Weare-blog-thumbnails-9-1-18x9.png 18w\" data-sizes=\"(max-width: 2560px) 100vw, 2560px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 2560px; --smush-placeholder-aspect-ratio: 2560\/1280;\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7858caf2 elementor-share-buttons--skin-flat elementor-grid-3 elementor-share-buttons--view-icon elementor-share-buttons--shape-square elementor-share-buttons--color-official elementor-widget elementor-widget-share-buttons\" data-id=\"7858caf2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"share-buttons.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-grid\" role=\"list\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_facebook\" role=\"button\" tabindex=\"0\" aria-label=\"Share on facebook\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-facebook\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_twitter\" role=\"button\" tabindex=\"0\" aria-label=\"Share on twitter\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-twitter\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_linkedin\" role=\"button\" tabindex=\"0\" aria-label=\"Share on linkedin\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-linkedin\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6fc94dd elementor-hidden-desktop elementor-hidden-tablet_extra elementor-hidden-tablet elementor-hidden-mobile_extra elementor-widget elementor-widget-spacer\" data-id=\"6fc94dd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3fa053b elementor-widget elementor-widget-text-editor\" data-id=\"3fa053b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h2>What is a Single Sign-on?<\/h2><div>Single sign-on (SSO) is an authentication method that allows user to login into different services using one set of credentials. The most popular authentication method is user and password, but also\u00a0physical items, or biometrics.<\/div><div>\u00a0<\/div><p>The single sign-on to applications has increased its popularity within organisations. SSO gives users a better logon experience and improves organisation\u2019s security by enabling more manageable structure for application permission management. Users and their permissions can be managed in one, or at least in fewer, place(s) instead of separately in each application.<\/p><p>At the beginning, the SSO was mainly for web-based services\u2019 end-users and not so much for power-users or admins. That has also changed over the time.<\/p><p>We got a customer request to investigate how SSO could be configured from Azure AD to Amazon Web Services (AWS) in an environment where users are mainly power-users and use the AWS through CLI. Power-users manage several AWS accounts belonging to the organisation.<\/p><p>The solution turned out to be such a nice and usable feature that we decided to share the overview of it with this blog post to all of you. Enjoy!<\/p><h2>Key takeaways<\/h2><p>Azure AD can be configured as an identity source allowing login to Amazon Web Services with Azure credentials.<\/p><ul><li>Single Sign-on to AWS services with Azure AD credentials<\/li><li>Centralised user and application permission management in Azure AD instead of managing same users also in application (AWS) side<\/li><li>Possibility to invite external users as guests in Azure AD and grant the application (AWS) permission to them allowing guests still use their own organisation credentials<\/li><li>Allow power-users to use their organisational credentials with the AWS CLI, easy workfloSingle sign-on (SSO) is an authentication method that enables users to log in to different services with one set of credentials. The most common method of authentication is a username and password, but it can also involve physical items or biometrics.<\/li><\/ul><p><!-- \/wp:list --><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-71c72cc elementor-widget elementor-widget-heading\" data-id=\"71c72cc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">The choice of two options\n<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f8707b3 elementor-widget elementor-widget-text-editor\" data-id=\"f8707b3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Microsoft has improved its Azure AD SSO capabilities drastically over the years. They have ready-made \u201cGallery Applications\u201d for many popular web applications that can be configured and taken into use within minutes, and the custom application configuration has also been made simple. We decided to try both approaches: 1.) the \u201cAmazon Web Services (AWS)\u201d -gallery application, and 2.) by configuring the custom gallery application for AWS SSO purposes. Here\u2019s a summary of the approaches.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-47e9fb7 elementor-widget elementor-widget-heading\" data-id=\"47e9fb7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\"><strong>Option 1. Use ready-made gallery application in Azure AD<\/strong><\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c47819c elementor-widget elementor-widget-image\" data-id=\"c47819c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"768\" height=\"437\" data-src=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/azure_1-1024x583-1-768x437.png\" class=\"attachment-medium_large size-medium_large wp-image-15997 lazyload\" alt=\"\" data-srcset=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/azure_1-1024x583-1-768x437.png 768w, https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/azure_1-1024x583-1-300x171.png 300w, https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/azure_1-1024x583-1-18x10.png 18w, https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/azure_1-1024x583-1.png 1024w\" data-sizes=\"(max-width: 768px) 100vw, 768px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 768px; --smush-placeholder-aspect-ratio: 768\/437;\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Official Amazon Web Services (AWS) gallery application in Azure.<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-41f7c59 elementor-widget elementor-widget-text-editor\" data-id=\"41f7c59\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>Just follow the official Microsoft\u00a0<span style=\"text-decoration: underline;\"><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/saas-apps\/amazon-web-service-tutorial\">instructions<\/a><\/span>, and you are ready to go<\/li><li>Configured in AWS IAM service, define Azure AD as an IdP<ul><li>In case of multiple AWS accounts, you need to define separate Azure AD gallery application for each of the accounts and configure the AWS IAM service account by account<\/li><\/ul><\/li><li>Supports federated SSO login to the AWS Console<\/li><li>CLI usage with SSO a bit more cumbersome, requires assuming role using CLI<ul><li>Official AWS blog about it:\u00a0<span style=\"text-decoration: underline;\"><a href=\"https:\/\/aws.amazon.com\/premiumsupport\/knowledge-center\/aws-cli-call-store-saml-credentials\/\">https:\/\/aws.amazon.com\/premiumsupport\/knowledge-center\/aws-cli-call-store-saml-credentials\/<\/a><\/span><\/li><\/ul><\/li><li>SCIM provisioning from AWS \u2192 Azure AD<ul><li>Provisions defined AWS IAM roles to Azure AD, in where the target Azure users and groups can be defined to the roles<\/li><\/ul><\/li><li>Supports only IdP initiated SSO<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f2bd35f elementor-widget elementor-widget-heading\" data-id=\"f2bd35f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Option 2. Define custom enterprise application in Azure AD for the AWS SSO<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7d6411d elementor-widget elementor-widget-image\" data-id=\"7d6411d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"768\" height=\"437\" data-src=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/Azure_2-1024x583-1-768x437.png\" class=\"attachment-medium_large size-medium_large wp-image-15998 lazyload\" alt=\"\" data-srcset=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/Azure_2-1024x583-1-768x437.png 768w, https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/Azure_2-1024x583-1-300x171.png 300w, https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/Azure_2-1024x583-1-18x10.png 18w, https:\/\/www.weare.fi\/wp-content\/uploads\/2022\/12\/Azure_2-1024x583-1.png 1024w\" data-sizes=\"(max-width: 768px) 100vw, 768px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 768px; --smush-placeholder-aspect-ratio: 768\/437;\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-389eec5 elementor-widget elementor-widget-text-editor\" data-id=\"389eec5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div><div style=\"box-sizing: inherit;\"><figure style=\"box-sizing: inherit; font-size: 17px;\"><figcaption style=\"box-sizing: inherit;\">Custom enterprise application in Azure<\/figcaption><figcaption style=\"box-sizing: inherit;\"><\/figcaption><\/figure><\/div><\/div><ul style=\"box-sizing: inherit; font-size: 17px; font-style: normal; font-weight: 400; overflow-wrap: break-word;\"><li style=\"box-sizing: inherit; font-size: 17px;\">Requires couple of more steps in Azure AD side than the previously mentioned gallery app<br \/><ul style=\"box-sizing: inherit; font-size: 17px; overflow-wrap: break-word;\"><li style=\"box-sizing: inherit; font-size: 17px;\">Define SAML SSO configurations and attributes (tip: do the AWS SSO configuration first and you can import the AWS metadata to the Azure application)<\/li><\/ul><\/li><li style=\"box-sizing: inherit; font-size: 17px;\">Configured in AWS SSO service, define Azure AD as a SALM identity source<br \/><ul style=\"box-sizing: inherit; font-size: 17px; overflow-wrap: break-word;\"><li style=\"box-sizing: inherit; font-size: 17px;\">Only root account needs to be configured, SSO inherited to child accounts<\/li><\/ul><\/li><li style=\"box-sizing: inherit; font-size: 17px;\">Supports federated SSO login to the AWS Console<\/li><li style=\"box-sizing: inherit; font-size: 17px;\">Supports SSO with the AWS CLI usage<br \/><ul style=\"box-sizing: inherit; font-size: 17px; overflow-wrap: break-word;\"><li style=\"box-sizing: inherit; font-size: 17px;\">(AWS CLI SSO feature is build into the AWS CLI\u00a0<span style=\"box-sizing: inherit; font-weight: bold;\">v2<\/span>. AWS CLI v2 came generally available on Feb 2020. So the AWS CLI SSO is a relatively new feature (~ 6 months at the time of writing this). Before that the only way was to assume a role using CLI scripts, which was a bit cumbersome with all the SAML response copying and other steps.)<\/li><\/ul><\/li><li style=\"box-sizing: inherit; font-size: 17px;\">SCIM provisioning from Azure AD \u2192 AWS<br \/><ul style=\"box-sizing: inherit; font-size: 17px; overflow-wrap: break-word;\"><li style=\"box-sizing: inherit; font-size: 17px;\">Provisions defined Azure AD users and groups (&amp; group members) to the AWS SSO service, in where the users\/groups are defined to the target AWS accounts with defined permission sets<\/li><\/ul><\/li><li style=\"box-sizing: inherit; font-size: 17px;\">Supports both IdP initiated and SP initiated SSO<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9c63d1f elementor-widget elementor-widget-heading\" data-id=\"9c63d1f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">AWS SSO - two options<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bc01eb0 elementor-widget elementor-widget-text-editor\" data-id=\"bc01eb0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Both configuration options have relatively similar SSO experience to the AWS Console. We configured the 1.) official Amazon Web Services (AWS) application and 2.) the custom application, added a user to both application in Azure side, and with that user logged in to\u00a0<span style=\"text-decoration: underline;\"><a href=\"https:\/\/myapplications.microsoft.com\/\">https:\/\/myapplications.microsoft.com\/<\/a><\/span>\u00a0-portal to see how the login experience goes.<\/p><p>Below is a short video with an active Azure session showing how the SSO goes from\u00a0<span style=\"text-decoration: underline;\"><a href=\"https:\/\/myapplications.microsoft.com\/\">https:\/\/myapplications.microsoft.com\/<\/a><\/span>\u00a0to AWS Console using both approaches.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9284932 elementor-widget elementor-widget-image\" data-id=\"9284932\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" data-src=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/AWS_SSO_Console.gif\" title=\"\" alt=\"\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 853px; --smush-placeholder-aspect-ratio: 853\/480;\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Azure AD SSO to AWS Console with 1) Azure Gallery App and 2) Custom App<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5b733ed elementor-widget elementor-widget-text-editor\" data-id=\"5b733ed\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>In addition to the IdP initiated session, the custom application also allows SP initiated SSO as well.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-faae0a3 elementor-widget elementor-widget-heading\" data-id=\"faae0a3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">The CLI usage<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-131dcab elementor-widget elementor-widget-text-editor\" data-id=\"131dcab\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p style=\"box-sizing: inherit; font-size: 17px; font-style: normal; font-weight: 400; margin-bottom: 1.6em; overflow-wrap: break-word;\">The CLI usage experience varies a lot between option 1 and option 2.<\/p><p style=\"box-sizing: inherit; font-size: 17px; font-style: normal; font-weight: 400; margin-bottom: 1.6em; overflow-wrap: break-word;\">The option 1, using the Azure ready-made Amazon Web Service gallery application, does not support easy to approach CLI usage with SSO. Instead you need to first create a SAML request to gather the response and then insert the response to a script to assume the used role (more of it in\u00a0<a style=\"box-sizing: inherit; text-decoration-line: underline;\" href=\"https:\/\/aws.amazon.com\/premiumsupport\/knowledge-center\/aws-cli-call-store-saml-credentials\/\"><em style=\"box-sizing: inherit;\">here<\/em><\/a>). Does not sound any fun, does it?<\/p><p style=\"box-sizing: inherit; font-size: 17px; font-style: normal; font-weight: 400; margin-bottom: 1.6em; overflow-wrap: break-word;\">The option 2 uses instead native\u00a0<em style=\"box-sizing: inherit;\">aws sso configure<\/em>\u00a0command in CLI which instructs the user with the needed steps. Only thing a user needs to know is the SP initiated SSO url. So remember to provide that url to the power-users. (You can find it in the AWS console from SSO service configuration.)<\/p><p style=\"box-sizing: inherit; font-size: 17px; font-style: normal; font-weight: 400; margin-bottom: 1.6em; overflow-wrap: break-word;\">Here is a example of power-user logon experience when using AWS CLI with the option 2 approach:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-871ca83 elementor-widget elementor-widget-image\" data-id=\"871ca83\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" data-src=\"https:\/\/www.weare.fi\/wp-content\/uploads\/2020\/10\/AWS_SSO_CLI.gif\" title=\"\" alt=\"\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 853px; --smush-placeholder-aspect-ratio: 853\/480;\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">AWS CLI SSO demonstration<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c282e34 elementor-widget elementor-widget-heading\" data-id=\"c282e34\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">AWS SSO - Why Azure custom application?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b51a61b elementor-widget elementor-widget-text-editor\" data-id=\"b51a61b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>We do respect the work of admins and power-users and our goal is to try to understand how to make their daily work easier while keeping the organisation\u2019s policies and security in line. Also the consolidated user permission management enhances the transparency and eases the management tasks for those who control the permissions to the applications.<\/p><p>The benefit of using Azure as an identity source for the applications, such as AWS, is not only consolidating organisation internal user permission management to one place, but also allowing guest user permission management to the applications. The invited guest users can login to the shared applications using their own organisation credentials without needing any additional credentials to be managed or remembered.<\/p><p>In the experiment of AWS SSO, we tried two approaches and our choice and preferred method for the time being is the\u00a0<strong>option 2<\/strong>: Azure custom application.<\/p><p>Couple of important factors why the custom application:<\/p><ul><li>In case of multiple AWS accounts<ul><li>Easier and consolidated configuration in AWS SSO<\/li><li>Easier and consolidated configuration in Azure: just one Azure application instead of needing to create an application per target AWS account within the organisation<\/li><\/ul><\/li><li>Supereasy CLI SSO for the power-users<\/li><\/ul><p>Services are constantly evolving and today\u2019s approaches might be legacy one day. Our job is to keep up with the best practices and new technologies. Drop an email if you have ideas or questions for this or other topic. Let\u2019s take a look at it together.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d5e7200 elementor-share-buttons--skin-flat elementor-share-buttons--color-custom elementor-share-buttons--view-icon-text elementor-share-buttons--shape-square elementor-grid-0 elementor-widget elementor-widget-share-buttons\" data-id=\"d5e7200\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"share-buttons.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-grid\" role=\"list\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_facebook\" role=\"button\" tabindex=\"0\" aria-label=\"Share on facebook\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-facebook\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-share-btn__text\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__title\">\n\t\t\t\t\t\t\t\t\t\tFacebook\t\t\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_twitter\" role=\"button\" tabindex=\"0\" aria-label=\"Share on twitter\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-twitter\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-share-btn__text\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__title\">\n\t\t\t\t\t\t\t\t\t\tTwitter\t\t\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_linkedin\" role=\"button\" tabindex=\"0\" aria-label=\"Share on linkedin\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-linkedin\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-share-btn__text\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__title\">\n\t\t\t\t\t\t\t\t\t\tLinkedIn\t\t\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2c4d486 elementor-widget elementor-widget-spacer\" data-id=\"2c4d486\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6cc0d761 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"6cc0d761\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4f28b13d\" data-id=\"4f28b13d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-885b1d1 elementor-widget elementor-widget-spacer\" data-id=\"885b1d1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>The single sign-on (SSO) to applications has increased its popularity within organisations. SSO gives users a better logon experience and improves organisation\u2019s security by enabling more manageable structure for application permission management.<\/p>","protected":false},"author":7,"featured_media":24700,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"elementor_header_footer","format":"standard","meta":{"_improvement_type_select":"improve_an_existing","_thumb_yes_seoaic":false,"_frame_yes_seoaic":false,"seoaic_generate_description":"","seoaic_improve_instructions_prompt":"","seoaic_rollback_content_improvement":"","seoaic_idea_thumbnail_generator":"","thumbnail_generated":false,"thumbnail_generate_prompt":"","seoaic_article_description":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"seoaic_article_subtitles":[],"footnotes":""},"categories":[19,77,28],"tags":[],"blog":[119],"customer-cases":[],"class_list":["post-15993","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-all","category-blogs","category-aws","blog-cloud"],"_links":{"self":[{"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/comments?post=15993"}],"version-history":[{"count":25,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993\/revisions"}],"predecessor-version":[{"id":24763,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/posts\/15993\/revisions\/24763"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/media\/24700"}],"wp:attachment":[{"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/media?parent=15993"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/categories?post=15993"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/tags?post=15993"},{"taxonomy":"blog","embeddable":true,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/blog?post=15993"},{"taxonomy":"customer-cases","embeddable":true,"href":"https:\/\/www.weare.fi\/en\/wp-json\/wp\/v2\/customer-cases?post=15993"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}