As you mentioned, you can connect AWS to Microsoft Defender for Cloud Apps without having Azure as an IdP. Based on my understanding your users will still be protected and the built-in policy templates used to detect AiTM phishing (impossible travel, atypical travel) would be available. To clarify though, you still need to have an Azure account, at least one Global Admin user, and enough licenses to cover protected users in order to use Microsoft Defender for Cloud Apps.
Reference:
Prerequisites for using Microsoft Defender for Cloud Apps.
If you follow the onboarding process, your AWS resources will be monitored in Microsoft Defender for Cloud Apps and you will be able to use the protection detection policies to detect AiTM phishing. I've also reached out to the product team to verify whether there are any limitations around your scenario, though, and will provide their response. Based on my understanding it should work, since the AiTM phishing detection is based on those other three built-in detection policies that are included when integrating AWS.
-
If the information helped you, please Accept the answer. This will help us and other community members as well.