When admins connect AWS in JumpCloud for single sign on (SSO), AWS accepts SSO based on roles. AWS roles are a set of permissions for making AWS service requests that are not associated with a user or group (Refer to Amazon’s IAM FAQs for more information). Admins can configure AWS roles in JumpCloud with Custom User Attributes and Constant Attributes.
Option 1: Configuring AWS Roles with Custom Attributes
Configuring AWS roles with custom user attributes provides admins with one connector to service all of their AWS roles and is an effective method for admins who have highly unique permission sets across their users. Configure AWS roles with custom attributes.
Option 2: Configuring AWS Roles with Constant Attributes
Configuring AWS roles with constant attributes works well if users need access to the same collection of roles. This method produces multiple connectors, each with their own collection of roles. Configure AWS roles with constant attributes.