Identity Federation for AWS Documentation

Identity Federation for Amazon Web Services (AWS) is an Identity Broker/Token Vendor that provides temporary AWS security credentials to Atlassian groups and enables access control to AWS resources via Identity and Access Management (IAM) Policies:

  • AWS Connector management - add long-term AWS security credentials (IAM users) only once, then configure access to AWS resources for Atlassian groups with temporary AWS security credentials and fine-grained control via IAM Policies.
  • Single Sign-On (SSO) to the AWS Management Console - access AWS resources directly via menu links and/or a configurable AWS Management Console Login gadget.
  • REST API for temporary AWS Credentials - expose AWS Connectors to requesting users with sufficient permissions and allow retrieval of temporary AWS security credentials based on such a connector.

Integrate AWS into your JIRA and DevOps workflows with the following key benefits:

  • Secure and protected AWS credentials storage - store your long-term AWS security credentials with industry-standard encryption without ever exposing them to any of your users (or add-ons).
  • Enable AWS resource usage per Atlassian user - a Federated User enables provisioning of AWS resources based on the Atlassian user name (e.g. a dedicated Amazon S3 bucket or EC2 instance per developer).
  • Forget about distributing AWS credentials - you only need one set of long-term AWS security credentials (though more are possible) to grant potentially fine-grained permissions for AWS resources to Atlassian users.
  • Forget about revoking AWS credentials - never worry about team changes or employee leave; your AWS resource permissions simply follow the respective group membership changes.
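
The per-user provisioning and group-based access described above can be pictured as the request an identity broker prepares for AWS STS `GetFederationToken`. The following is an added example, not the add-on's own code. It assumes a hypothetical connector dictionary (`groups`, `bucket`, `duration`) and a `home/<user>/` S3 prefix layout, and it only builds the request parameters without calling AWS.

```python
import json
import re

# Limits documented for AWS STS GetFederationToken.
NAME_RE = re.compile(r"[\w+=,.@-]{2,32}", re.ASCII)
MAX_POLICY_CHARS = 2048
MIN_SECONDS, MAX_SECONDS = 900, 129600

# Constructed sample connector (hypothetical schema, not the add-on's).
CONNECTOR = {"groups": ["aws-developers"], "bucket": "example-dev-bucket", "duration": 60}


def federation_request(user, user_groups, connector):
    """Return GetFederationToken parameters, or None if no group matches."""
    if not set(user_groups) & set(connector["groups"]):
        return None  # access follows group membership: no match, no credentials
    # Reject rather than rewrite unusable names: rewriting could map two
    # different Atlassian users onto the same federated name and prefix.
    if not NAME_RE.fullmatch(user):
        raise ValueError(f"unusable federated user name: {user!r}")
    bucket, prefix = connector["bucket"], f"home/{user}/"
    # Session policy: the resulting permissions are the intersection of this
    # policy and those of the long-term IAM user that calls STS.
    policy = {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
             "Resource": f"arn:aws:s3:::{bucket}/{prefix}*"},
            {"Effect": "Allow", "Action": "s3:ListBucket",
             "Resource": f"arn:aws:s3:::{bucket}",
             "Condition": {"StringLike": {"s3:prefix": f"{prefix}*"}}},
        ],
    }
    text = json.dumps(policy, separators=(",", ":"))
    if len(text) > MAX_POLICY_CHARS:
        raise ValueError("session policy exceeds the STS size limit")
    seconds = min(max(connector["duration"], MIN_SECONDS), MAX_SECONDS)
    return {"Name": user, "Policy": text, "DurationSeconds": seconds}


if __name__ == "__main__":
    print(federation_request("alice", ["aws-developers"], CONNECTOR))
```

The name check matters because the user name is embedded in resource ARNs, where `*` and `?` act as wildcards; the allowed character set excludes both.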