IAM identity provider

When you add single sign-on access to an AWS account, IAM Identity Center creates an IAM identity provider in each AWS account. An IAM identity provider helps keep your AWS account secure because you don't have to distribute or embed long-term security credentials, such as access keys, in your application.

Repair the IAM identity provider

If you accidentally delete or modify your identity provider, you must manually reapply your user and group assignments. Reapplying your user and group assignments recreates the identity provider. For more information, see:

Manage access to AWS accounts
Manage access to applications

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Create permission policies for ABAC in IAM Identity Center

Service-linked roles