December 2022: This post was reviewed and updated for accuracy.

February 2nd, 2022: This blog was updated by Kay Lerch.

Recently, we helped a large enterprise customer who was building their data warehouse on Amazon Redshift, using Microsoft Azure Active Directory (Azure AD) as a corporate directory. Their requirement was to enable data warehouse users to use their corporate credentials to query data in Amazon Redshift. The solution was to set up Azure AD federated access to Amazon Redshift. Doing so not only provided a better user experience (users can utilize their corporate credentials and don’t have to remember extra passwords), but it also made maintenance easier, because all corporate users are managed in a single place.

You can use federation to centrally manage access to Amazon Redshift. This simplifies administration by allowing you to control user access at a central location and reducing the overhead of creating and maintaining database users.

In addition to Active Directory Federation Service (ADFS), PingFederate, and Okta, Amazon Redshift also supports Azure AD federation. For more information about using ADFS with Amazon Redshift, see Federate Database User Authentication Easily with IAM and Amazon Redshift.

This post illustrates how to set up federation using Azure AD and AWS Identity and Access Management (IAM). For more information about integrating Azure AD, see Setting Up JDBC or ODBC Single Sign-on Authentication with Microsoft Azure AD.

You don’t need to create separate database users in Amazon Redshift with this setup. Azure AD manages the users and provides federated access to Amazon Redshift using IAM.

The solution to configure the federation between Azure AD and IAM to allow seamless access to Amazon Redshift using a SQL client contains the following components:

- Azure AD serves as the identity provider (IdP) for user authentication.
- AWS serves as the service provider for authorization.
- Security Assertion Markup Language (SAML 2.0) simplifies the interaction between identity provider and service provider.
- AWS Security Token Service (AWS STS) requests temporary credentials to connect to Amazon Redshift.

The following diagram illustrates the architecture of the solution:

The solution contains the following steps:

- You configure a JDBC or ODBC driver in a SQL client to use Azure AD federation and use Azure AD login credentials to sign in.