Configuration Parameters

Note

Parameters with * are mandatory parameters.

The configuration parameters of AWS IAM Identity Center are as follows:

Authentication Method

Select the method that would be used to securely connect to AWS:

  • IAM User

  • IAM Role

Applicable if Authentication Method is selected as IAM User

Enter the Access Key ID of the Service IAM User.

Enter the Secret Access Key of the Service IAM User.

Enter the role name that is created in all the AWS Accounts that are to be aggregated.

Enter the External ID that is used in an IAM role trust policy to designate who can assume the role.

Note
This is mandatory if the external ID condition is provided to the IAM Role trust policy. This condition defines how and when trusted entities can assume the role.

Enter the Region as per your AWS instance. For example, us-east-1 for AWS commercial cloud and us-gov-west-1 for AWS GovCloud (US).

Applicable if Authentication Method is selected as IAM Role

If the Amazon Resource Name (ARN) of the role contains a path, then it should be created with same path and name in all the AWS accounts. The input value must be provided as follows:

<entire Role Path>/<Role Name>.

Enter the External ID that is used in an IAM role trust policy to designate who can assume the role.

Note

This is mandatory if the external ID condition is provided to the IAM Role trust policy. This condition defines how and when trusted entities can assume the role.

Enter the Region as per your AWS instance. For example, us-east-1 for AWS commercial cloud and us-gov-west-1 for AWS GovCloud (US).

Additional Configuration Parameters

Following are the additional configuration parameters that can be set in the application debug page:

Aggregation Settings

The maximum size of each data set when querying over large number of objects for IAM entities. Default: 100

Provisioning Settings

Allow local account creation/deletion in AWS Identity Center.