User authentication in Amazon Managed Grafana

Note

AWS Single-sign-on (AWS SSO) is currently being rebranded to IAM Identity Center.

Users are authenticated to use the Grafana console in an Amazon Managed Grafana workspace by single sign-on using your organization’s identity provider, instead of by IAM. Each workspace can use one or both of the following authentication methods:

User credentials stored in identity providers (IdPs) that support Security Assertion Markup Language 2.0 (SAML 2.0)
AWS IAM Identity Center (successor to AWS Single Sign-On)

For each of your workspaces, you can use SAML, IAM Identity Center, or both. If you begin by using one method, you can switch to using the other.

Topics

Using SAML with your Amazon Managed Grafana workspace
Using AWS IAM Identity Center (successor to AWS Single Sign-On) with your Amazon Managed Grafana workspace

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Setting up

SAML