User authentication in Amazon Managed Grafana - Amazon Managed Grafana

User authentication in Amazon Managed Grafana


AWS Single-sign-on (AWS SSO) is currently being rebranded to IAM Identity Center.

Users are authenticated to use the Grafana console in an Amazon Managed Grafana workspace by single sign-on using your organization’s identity provider, instead of by IAM. Each workspace can use one or both of the following authentication methods:

  • User credentials stored in identity providers (IdPs) that support Security Assertion Markup Language 2.0 (SAML 2.0)

  • AWS IAM Identity Center (successor to AWS Single Sign-On)

For each of your workspaces, you can use SAML, IAM Identity Center, or both. If you begin by using one method, you can switch to using the other.