Documentation for Identity Federation for AWS 2.0 – other releases are available in the Identity Federation for AWS Documentation Directory.
View

Unknown macro: {spacejump}

or visit the current documentation home.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

 

This page provides answers to frequently asked questions regarding Identity Federation for AWS:

On this page:

General FAQ

How do I set up Identity Federation for AWS?

Please refer to the Installation and Upgrade Guide.

Which Atlassian products are currently supported by Identity Federation for AWS?

Identity Federation for AWS aims to be a cross product solution and currently supports JIRA and Bamboo (see Compatibility Notes for details) - please don't hesitate to get in touch, if you are interested in support for other Atlassian products, we are eager to learn more about your use case and adjusting our respective roadmap accordingly (see below for a notable special case though).

Will Identity Federation for AWS be available for Atlassian Crowd?

Identity Federation for AWS aims to be a cross product solution and Atlassian Crowd would be the most obvious target product for Enterprise deployments. The add-on could work within Crowd in principle, however Crowd currently lacks the Universal Plugin Manager (UPM) and support for selling Crowd add-ons via the Atlassian Marketplace in turn.

Does Identity Federation for AWS support SAML?  

While we would love to support AWS Identity and Access Management Using SAML, true integration of SAML (Security Assertion Markup Language) is outside of the realm of Identity Federation for AWS, however: 

Identity Federation between Atlassian Crowd and AWS

That being said, the main use case of this add-on is to provide similar functionality by leveraging the alternative AWS options for Identity Federation - you thereby gain the same benefits of federated access and a unified directory for all Atlassian products via Crowd.

  • (info) True SAML support would best be addressed by Atlassian Crowd itself - a related feature request is tracked by Atlassian in General SAML Support (CWD-1822), so please add your vote there to increase the priority. Also, don't hesitate to get in touch with us to discuss alternatives.

Security FAQ

How are my persisted long-term AWS security credentials secured against unauthorized usage?

The persisted long-term AWS security credentials (comprised of an Access Key Id and a Secret Access Key) are stored in the database encrypted with a 128-bit Advanced Encryption Standard (AES) private secret key, which is stored on the file system and unique per application instance (e.g. JIRA installation). This means you can loose either your database or your file system without compromising your AWS accounts right away.

Licensing & Purchasing

Do my JIRA and Identity Federation for AWS licenses have to match?

Yes, this is a limitation imposed by the Atlassian Marketplace, see the Marketplace Licensing and Pricing FAQ:

Which license do I choose when purchasing an add-on?:

The Atlassian host application (for example, JIRA, Confluence, etc.) license tier determines the license type you need for an add-on that is paid-via-Atlassian.  For example, if you are installing an add-on into a JIRA with 25-user license, you must purchase a 25-user license for the add-on, even if fewer users will actually use it.

IMPORTANT: If you do not purchase a license that matches your Atlassian application license, your add-on will not work.

 

Obviously there are many valid use cases where this limitation doesn't make sense. Accordingly, many customers and vendors have requested the ability to decouple the add-on user tier from the host application - please contact Atlassian directly for any questions in this regard, maybe they will reconsider this over time.

 


  • No labels