- unmigrated-wiki-markup
Documentation for Identity Federation for AWS 1.2 – other releases are available in the Identity Federation for AWS Documentation Directory.
View
or visit the current documentation home.
Frequently Asked Questions (FAQ)
This page provides answers to frequently asked questions regarding Identity Federation for AWS:
On this page:
General FAQ
How do I set up Identity Federation for AWS?
Please refer to the Installation and Upgrade Guide.
Which Atlassian products are currently supported by Identity Federation for AWS?
Identity Federation for AWS aims to be a cross product solution, however, we've focused on JIRA to get things started (please refer to the Compatibility Notes for details) - please get in touch with us, if you are interested in support for other Atlassian products, we are eager to learn more about your use case and adjusting our respective roadmap accordingly (see below for a notable special case though).
Will Identity Federation for AWS be available for Atlassian Crowd?
Identity Federation for AWS aims to be a cross product solution and Atlassian Crowd would be the most obvious target product for Enterprise deployments. The add-on could work within Crowd in principle, however Crowd currently lacks the Universal Plugin Manager (UPM) and support for selling Crowd add-ons via the Atlassian Marketplace in turn.
This issue is tracked by Atlassian in Support the Universal Plugin Manager in Crowd (CWD-3157), so please add your vote there to increase the priority. Also, don't hesitate to get in touch with us to discuss alternatives.
Does Identity Federation for AWS support SAML?
While we would love to support AWS Identity and Access Management Using SAML, true integration of SAML (Security Assertion Markup Language) is outside of the realm of Identity Federation for AWS, however:
Identity Federation between Atlassian Crowd and AWS
That being said, the main use case of this add-on is to provide similar functionality by leveraging the alternative AWS options for Identity Federation - you thereby gain the same benefits of federated access and a unified directory for all Atlassian products via Crowd.
- True SAML support would best be addressed by Atlassian Crowd itself - a related feature request is tracked by Atlassian in General SAML Support (CWD-1822), so please add your vote there to increase the priority. Also, don't hesitate to get in touch with us to discuss alternatives.
Security FAQ
How are my persisted long-term AWS security credentials secured against unauthorized usage?
The persisted long-term AWS security credentials (comprised of an Access Key Id and a Secret Access Key) are stored in the database encrypted with a 128-bit Advanced Encryption Standard (AES) private secret key, which is stored on the file system and unique per application instance (e.g. JIRA installation). This means you can loose either your database or your file system without compromising your AWS accounts right away.
Licensing & Purchasing
Do my JIRA and Identity Federation for AWS licenses have to match?
Yes, this is a limitation imposed by the Atlassian Marketplace, see the Marketplace Licensing and Pricing FAQ:
Which license do I choose when purchasing an add-on?:
The Atlassian host application (for example, JIRA, Confluence, etc.) license tier determines the license type you need for an add-on that is paid-via-Atlassian. For example, if you are installing an add-on into a JIRA with 25-user license, you must purchase a 25-user license for the add-on, even if fewer users will actually use it.
IMPORTANT: If you do not purchase a license that matches your Atlassian application license, your add-on will not work.