AWS and JumpCloud have partnered to offer a VPN alternative for securely accessing company applications over the web using JumpCloud Go™, JumpCloud SSO (SAML or OIDC) and AWS Verified Access (AVA). With this collaboration, JumpCloud can authenticate and authorize devices and identities in one console and provide access control for AWS Verified Access for managed devices. See our blog for more information about our partnership.
- JumpCloud Admin account.
- Your JumpCloud Org ID.
- JumpCloud Platform or Platform Plus plan, or SSO and Device Management services.
- JumpCloud-managed users on JumpCloud-managed devices.
- AWS Admin account (AWS root user).
- AWS organization.
There are three steps:
Install JumpCloud Go
Customers already using JumpCloud Go will have access to AVA with no additional JumpCloud configuration.
The JumpCloud Go Chrome extension provides secure passwordless authentication to JumpCloud protected web resources on managed devices (Mac or Windows). The extension can be installed via JumpCloud Policy, Google’s Chrome Browser Cloud Management (CBCM), or manual installation.
Configure an AWS SSO Connector
Configure AWS IAM Identity Center SSO
Configure Custom AWS OIDC
See SSO with OIDC.
For additional information about the AWS OIDC configuration, please view the following AWS documentation:
- AWS Verified Access Integration with 3rd party identity providers
- Using an OpenID Connect trust provider
AVA provides secure access to company applications over the internet without using a VPN. Once you have set up JumpCloud Go and the AWS SSO Connector, the final step is configuring Verified Access inside AWS. To proceed, please view the following AWS documentation:
Your JumpCloud Org ID needs to be put in the Tenant ID of AVA.