AWS managed applications that you can use with IAM Identity Center

IAM Identity Center lets you connect your existing identity source or create users once. This enables application administrators to manage access to the following AWS managed applications without separate federation or user and group synchronization.

All of the AWS managed applications in the following table integrate with organization instances of IAM Identity Center. The table also provides information about the following for a supported AWS managed application:

Whether the application also integrates with account instances of IAM Identity Center
Whether the application can enable trusted identity propagation through IAM Identity Center

AWS managed applications that integrate with IAM Identity Center
AWS managed application	Integrated with account instances of IAM Identity Center	Enables trusted identity propagation through IAM Identity Center
Amazon AppStream 2.0	No	No
Amazon Athena SQL	Yes	Yes
Amazon CodeCatalyst	Yes	No
Amazon Connect	No	No
Amazon DataZone	Yes	Yes
Amazon EMR on Amazon EC2	Yes	Yes
Amazon EMR Studio	Yes	Yes
Amazon Kendra	No	No
Amazon Managed Grafana	No	No
Amazon Monitron	No	No
Amazon OpenSearch Service	Yes	Yes
Amazon OpenSearch Service Serverless Service	Yes	Yes
OpenSearch user interface (Dashboards)	Yes	Yes
Amazon Q Business	Yes	Yes
Amazon Q Developer	Yes*	No
Amazon QuickSight	Yes	Yes
Amazon Redshift	Yes	Yes
Amazon S3 Access Grants	Yes	Yes
Amazon SageMaker Unified Studio	Yes	Yes
Amazon SageMaker Studio	No	Yes
Amazon WorkMail	Yes	Yes
Amazon WorkSpaces	Yes	No
Amazon WorkSpaces Secure Browser	No	No
AWS App Studio	Yes	No
AWS Client VPN	No	No
AWS CLI	No	No
AWS Deadline Cloud	Yes	No
AWS Glue	Yes	Yes
AWS IoT Events	No	No
AWS IoT Fleet Hub	No	No
AWS IoT SiteWise	No	No
AWS Lake Formation	Yes	Yes
AWS re:Post Private	Yes	No
AWS Supply Chain	Yes	No
AWS Systems Manager	No	No
AWS Transfer Family web apps	Yes	Yes
AWS Transform	Yes	No
AWS Verified Access	No	No
Multi-party approval	No	Yes

* For Amazon Q Developer, account instances of IAM Identity Center are supported unless your users require access to the full set of Amazon Q Developer features on AWS websites. For more information, see Setting up Amazon Q Developer in the Amazon Q Developer User Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS managed applications

Setting up IAM Identity Center to test AWS managed applications