Integrate with AWS Verified Access

AWS and JumpCloud have partnered to offer a VPN alternative for securely accessing company applications over the web using JumpCloud Go™, JumpCloud SSO (SAML or OIDC) and AWS Verified Access (AVA). With this collaboration, JumpCloud can authenticate and authorize  devices and identities in one console and provide access control for AWS Verified Access for managed devices. See our blog for more information about our partnership.

Prerequisites

  1. JumpCloud Admin account.
  2. Your JumpCloud Org ID.
  3. JumpCloud Platform or Platform Plus plan, or SSO and Device Management services. 
  4. JumpCloud-managed users on JumpCloud-managed devices.
  5. AWS Admin account (AWS root user).
  6. AWS organization.

There are three steps:

Install JumpCloud Go

Tip:

Customers already using JumpCloud Go will have access to AVA with no additional JumpCloud configuration.

The JumpCloud Go Chrome extension provides secure passwordless authentication to JumpCloud protected web resources on managed devices (Mac or Windows). The extension can be installed via JumpCloud Policy, Google’s Chrome Browser Cloud Management (CBCM), or manual installation.

See Get Started: JumpCloud Go and Use JumpCloud Go.

Configure an AWS SSO Connector

Tip:

If an AWS IAM Center SSO connector already exists, you can optionally create a second OIDC connector or go to the next section, Setup AVA.

Configure AWS IAM Identity Center SSO

See Integrate with AWS IAM Identity Center.

Configure Custom AWS OIDC

See SSO with OIDC

For additional information about the AWS OIDC configuration, please view the following AWS documentation:

Setup AVA

AVA provides secure access to company applications over the internet without using a VPN. Once you have set up JumpCloud Go and the AWS SSO Connector, the final step is configuring Verified Access inside AWS. To proceed, please view the following AWS documentation:

Important:

 Your JumpCloud Org ID needs to be put in the Tenant ID of AVA.

List IconIn this Article

Notebook IconLearn More

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case