Identity Federation for AWS Documentation
Identity Federation for Amazon Web Services (AWS) is an Identity Broker/Token Vendor that provides temporary AWS security credentials to Atlassian groups and enables access control to AWS resources via Identity and Access Management (IAM) Policies:
- AWS Connector management - add long-term AWS security credentials (IAM users) only once and configure access to AWS resources for Atlassian groups with temporary AWS security credentials and fine grained control via IAM Policies thereafter.
- Single Sign-On (SSO) to the AWS Management Console - access AWS resources directly via menu links and/or a configurable AWS Management Console Login gadget.
- REST API for temporary AWS Credentials - expose AWS Connectors to requesting users with sufficient permissions and allow retrieval of temporary AWS security credentials based on such a connector.
- Bamboo
- AWS Credentials Variables task - provide AWS Credentials Variables to other tasks and tools that are not directly integrated with Identity Federation for AWS, but accept AWS security credentials via the command line, environment variables or the Bamboo task interface, for example the Bamboo Script task.
- Amazon ECR Credentials Variables task - provide Amazon ECR Credentials Variables to other tasks and tools that are not directly integrated with Identity Federation for AWS, but accept Amazon ECR authentication credentials via the command line, environment variables or the Bamboo task interface, for example the Bamboo Docker task.
- JIRA
- Compatibility with JIRA Data Center - facilitate Identity Federation for AWS together with the clustering and high-availability capabilities of JIRA Data Center.
- Compatibility with JIRA Data Center - facilitate Identity Federation for AWS together with the clustering and high-availability capabilities of JIRA Data Center.
Integrate AWS into your JIRA and Bamboo DevOps workflows with the following key benefits:
- Secure and protected AWS credentials storage - store your long-term AWS security credentials with industry standard encryption without ever exposing these to any of your users (or add-ons).
- Enable AWS resource usage per Atlassian user - a Federated User enables provisioning of AWS resources based on the Atlassian user name (e.g. a dedicated Amazon S3 bucket or EC2 instance per developer).
- Forget about distributing AWS credentials - you only need one set of long-term AWS security credentials (more possible though) to grant potentially fine grained permissions for AWS resources to Atlassian users.
- Forget about revoking AWS credentials - never worry about team changes or employee leave, your AWS resource permissions simply follow the respective group membership changes.
Atlassian®, Atlassian Bamboo®, Bitbucket®, Atlassian Crowd®, Confluence®, Jira®, Jira Service Management™, Opsgenie®, and Statuspage™ are registered trademarks of Atlassian.
Amazon Web Services™, AWS™ and the “Powered by Amazon Web Services” logo are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
