It is possible to connect Crowd to Amazon AWS IAM services

Hello,

We have to think about connecting our internal Crowd directory to AWS IAM services to use our internal credentials in the AWS resources. Does anybody have any experience with this topic and with implementing this configuration?

BR
Alexander 

2 answers

1 vote

Utoolity is offering an add-on family, Identity Federation for AWS, which implements an Identity Broker that provides federated AWS access for Atlassian users, i.e. it allows you to add long-term AWS security credentials (IAM users) once and configure AWS access for Atlassian groups with temporary credentials and fine-grained permissions via IAM policies thereafter. This yields the following cross-product features (on top of product-specific ones):

  • Single Sign-On (SSO) to the AWS Management Console
  • REST API for temporary AWS Security Credentials

Cross Product Support

The add-on is conceptually designed and implemented as a cross-product solution; however, the Atlassian Marketplace does not support commercial cross-product add-ons, which is why we need to offer it separately per product.

The main usage at this point is to provide the IAM based AWS security credentials backing for Tasks for AWS (where it is included for free, see our resp. FAQ Do I need an Identity Federation for AWS license when using it from another Utoolity add-on like Tasks for AWS?).

That being said, we always considered its Identity Broker capabilities to be a notable standalone use case too, and we have several customers who indeed simply use Identity Federation for AWS as is to provide SSO to the AWS Management Console without the need to manage individual AWS credentials per user.

Crowd Support

Identity Federation for AWS (JIRA) works just fine with all common Crowd/JIRA integration scenarios outlined in Connecting to Crowd or Another JIRA Server for User Management - here's how we are Connecting JIRA to Crowd for our own Atlassian suite:

  • users are managed in Crowd
  • JIRA (and other Atlassian applications) are linked to Crowd
  • users log into JIRA (or any linked Atlassian product) via Crowd SSO
  • users can then use SSO to AWS by means of Identity Federation for AWS (JIRA)

However, as per our resp. FAQ Will Identity Federation for AWS be available for Atlassian Crowd?, it is not available for Crowd itself:

The add-on could work within Crowd in principle, however Crowd currently lacks the Universal Plugin Manager (UPM) and support for publishing Crowd add-ons via the Atlassian Marketplace in turn.

Please watch/vote/comment on the following Crowd issue to raise Atlassian's priority for addressing this limitation:

 

0 votes

Hi Alexander,

AWS supports OpenID Connect (OIDC) and SAML 2.0 Identity Providers as detailed here. So your question is: "Can Crowd be a SAML 2.0 or OIDC IdP for AWS?". At the time of writing, the answer is no, but it could be done with a bit of coding:

Best Regards,

Bruno
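
The broker flow the first answer describes (directory groups mapped to IAM policies, temporary credentials, console SSO), sketched against AWS's documented federation endpoint as an added example; it is not part of the thread and not Utoolity's code. The group names, policy statements and sample credentials are constructed, and the STS call itself is left to the caller (for example boto3's `get_federation_token`).

```python
import json
from urllib.parse import urlencode

FEDERATION_ENDPOINT = "https://signin.aws.amazon.com/federation"

# Constructed mapping: directory group -> IAM statements that group may use.
GROUP_STATEMENTS = {
    "aws-readonly": [{"Effect": "Allow", "Resource": "*",
                      "Action": ["ec2:Describe*", "s3:Get*", "s3:List*"]}],
    "aws-deployers": [{"Effect": "Allow", "Resource": "*",
                       "Action": ["cloudformation:*"]}],
}

def session_policy(groups):
    """Merge statements of mapped groups; None means no AWS access at all."""
    statements = [s for g in sorted(groups) for s in GROUP_STATEMENTS.get(g, [])]
    if not statements:
        return None
    return json.dumps({"Version": "2012-10-17", "Statement": statements})

def federation_token_request(username, groups, duration=3600):
    """Arguments for STS GetFederationToken. The effective permissions are the
    intersection of this session policy and the broker IAM user's own policies."""
    policy = session_policy(groups)
    if policy is None:
        raise PermissionError(f"{username} is in no group mapped to AWS access")
    return {"Name": username[:32], "Policy": policy, "DurationSeconds": duration}

def signin_token_url(creds):
    """URL the broker fetches server-side to trade temporary credentials for a
    SigninToken; it contains the secret key, so it must never reach the browser."""
    session = json.dumps({"sessionId": creds["AccessKeyId"],
                          "sessionKey": creds["SecretAccessKey"],
                          "sessionToken": creds["SessionToken"]})
    return FEDERATION_ENDPOINT + "?" + urlencode(
        {"Action": "getSigninToken", "Session": session})

def console_login_url(signin_token, issuer, destination="https://console.aws.amazon.com/"):
    """URL the user is redirected to; it carries only the short-lived sign-in token."""
    return FEDERATION_ENDPOINT + "?" + urlencode(
        {"Action": "login", "Issuer": issuer,
         "Destination": destination, "SigninToken": signin_token})

if __name__ == "__main__":
    # "alice" is in one mapped group and one unrelated group (constructed input).
    print(federation_token_request("alice", {"aws-readonly", "jira-users"}))
    print(console_login_url("CONSTRUCTED-SIGNIN-TOKEN", "https://jira.example.com"))
```

A user whose groups map to nothing is refused before any AWS call is made, so membership in the directory alone never yields credentials.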
