AWS SSO for AWS Control Tower


Learn how AWS SSO works with AWS Control Tower, for multi-account identity and access management.

What's new with AWS SSO for AWS Control Tower and what do you like about it?

AWS SSO has become very powerful over the last year or two. It's become a de facto standard for connecting your identity to AWS. Other companies may have hesitated to use it because it wasn't as fully featured two years ago, but now it has everything that you would need to connect your active directory into AWS.

You can do things like filtering users while scoping. You can define the scope to be narrow in an OU. If you have a very large footprint in AWS Directory Service, that's very helpful. It also connects into Azure AD. If you're a user of that and GCP, it serves both of those very well. It really is a standard now and it's the default that we use for all deployments.

What are some of the benefits of using AWS SSO for AWS Control Tower over, say, an external SSO provider?

Well, the first thing is that it's free. AWS does not charge for AWS SSO.If you decide to run an AWS Directory Service instance or another service that's managed by AWS, there will be charges for that.

But AWS SSO itself is no cost to you and it's tightly integrated into AWS. So your normal workflow of using AWS APIs to interact with it, are connected in, as part of AWS SSO. And so you can use it, connect to it, you can pull keys and you can use it for CLI access. It's just all tight knit in one package that you can control all of your footprint in AWS with.

That's awesome. And you can integrate it with any SAML compliant IDP that's out there. So to tie this all together, Caylent is recommending AWS SSO for Control Tower, and we offer it as part of our AWS Control Tower Caylent Catalyst offering.

If you’re looking to set up secure cloud foundations for your applications on AWS, Caylent’s experts can help you setup multi-account governance and management through our AWS Control Tower Caylent CatalystGet in touch with our team to learn how we can help!


Learn more about the services mentioned

Caylent Catalysts™

AWS Control Tower

Establish a Landing Zone tailored to your requirements through a series of interactive workshops and accelerators, creating a production-ready AWS foundation.

Accelerate your cloud native journey

Leveraging our deep experience and patterns

Get in touch

Related Blog Posts

Differences Between GenAI and AI

While GenAI has gained significant attention in recent times, businesses have long used AI for vital tasks like fraud detection and personalization. Learn the distinctions between GenAI and Analytical AI and how you can unleash the potential of AI in your business.

Artificial Intelligence & MLOps

SageMaker JumpStart

Learn how SageMaker JumpStart paves the way for efficient AI adoption with a blend of foundation models, algorithms, and seamless integrations, without hefty initial investments.

Artificial Intelligence & MLOps

Amazon SageMaker Suite

Increasingly, people are opting to utilize the SageMaker Suite for custom models and internal development purposes. Join Caylent’s Randall Hunt as he breaks down the different services that make up SageMaker Suite

Artificial Intelligence & MLOps