Seeking help for performing authentication on Azure resources via third pary active directory

Question

Hi All,

We are working on a multi-cloud setup to meet some application requirements. Some resources would be deployed in AWS and other resources such as Application gateway fronting multiple web servers and cosmos database would be deployed in Azure.

We can only use AWS active directory services, not sure how Azure resources authentication and authorization could be done through AWS AD. I think we just need to get token from AWS AD which needs to passed to Azure AD but I am not crystal clear about this.

Appreciate your helpful response.

Thank you!!

Answer 1

Hello @anil kumar and thanks for reaching out. Provided AWS IAM Identity Center follows requirements detailed in Use a SAML 2.0 Identity Provider (IdP) for Single Sign On, you should be able to add and use it as a SAML/WS-Fed identity providers for guest users. Take a look to the AWS documentation on how to integrate IAM Identity Center with Office 365, skip the Office 365 license assignment steps. Overall, it should be a good starting point. Once all is set you will be able to authenticate with your AWS users and assign RBAC roles to their Azure AD counterparts (The user accounts created in the Part B: IAM Identity Center Directory chapter. from the aforementioned AWS documentation.).

Let us know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.