Identity Federation for AWS Documentation
Identity Federation for Amazon Web Services (AWS) is an Identity Broker/Token Vendor that provides temporary AWS security credentials to Atlassian groups and enables access control to AWS resources via Identity and Access Management (IAM) Policies:
- AWS Connector management - add long-term AWS security credentials (IAM users) only once and configure access to AWS resources for Atlassian groups with temporary AWS security credentials and fine grained control via IAM Policies thereafter.
- Single Sign-On (SSO) to the AWS Management Console - access AWS resources directly via menu links and/or a configurable AWS Management Console Login gadget.
- REST API for temporary AWS Credentials - expose AWS Connectors to requesting users with sufficient permissions and allow retrieval of temporary AWS security credentials based on such a connector.
- Bamboo
- AWS Credentials Variables task - provide AWS Credentials Variables to other tasks and tools that are not directly integrated with Identity Federation for AWS, but accept AWS credentials via the command line or environment variables.
- JIRA
- Compatibility with JIRA Data Center - facilitate Identity Federation for AWS together with the clustering and high-availability capabilities of JIRA Data Center.
- Compatibility with JIRA Data Center - facilitate Identity Federation for AWS together with the clustering and high-availability capabilities of JIRA Data Center.
Integrate AWS into your JIRA and Bamboo DevOps workflows with the following key benefits:
- Secure and protected AWS credentials storage - store your long-term AWS security credentials with industry standard encryption without ever exposing these to any of your users (or add-ons).
- Enable AWS resource usage per Atlassian user - a Federated User enables provisioning of AWS resources based on the Atlassian user name (e.g. a dedicated Amazon S3 bucket or EC2 instance per developer).
- Forget about distributing AWS credentials - you only need one set of long-term AWS security credentials (more possible though) to grant potentially fine grained permissions for AWS resources to Atlassian users.
- Forget about revoking AWS credentials - never worry about team changes or employee leave, your AWS resource permissions simply follow the respective group membership changes.
Atlassian®, Atlassian Bamboo®, Bitbucket®, Atlassian Crowd®, Confluence®, Jira®, Jira Service Management™, Opsgenie®, and Statuspage™ are registered trademarks of Atlassian.
Amazon Web Services™, AWS™ and the “Powered by Amazon Web Services” logo are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
