AWS IAM Identity Center Reviews

I usually use IAM Identity Center with EC2, where EC2 is the part where I configure the computation or making instances and servers that I need. IAM is generally used for the security part, where I configure the user and security groups that can access and configure the EC2 networks.

IAM Identity Center has made managing the budgeting aspects of AWS much easier. It provides a dashboard where the billing is all there, and we can predict and have a threshold for the budget, which makes the budgeting part really easy to manage and note.

The most valuable feature is the security configuration ease, which is great for me, especially as a beginner. It makes it easy to learn and understand how IAM works and to configure the security part for AWS services.

I would like to see more flexibility in the features as sometimes it doesn't meet my expectations. I want to be able to manage a lot of users easily. Having a lot of users on one instance is hard to configure, so I hope for more flexibility and ease in configuration.

I have been using IAM Identity Center for about two months.

Stability-wise, it is functioning well without any outages or crashes. I would rate it as a ten for stability.

Scalability is really beneficial. It can handle both a small number of users and a bigger number of users efficiently.

I have not interacted with technical support from AWS for IAM Identity Center yet.

Positive

I have not used a different solution for these use cases before. IAM is usually the most used for security with AWS services, and I haven't evaluated other solutions.

I would rate the initial setup a seven, as there are repetitive tasks that need to be done if there are a lot of accounts to set up. It would be beneficial to have automation or a technique to configure multiple users at once.

For deployment, I worked alone. Currently, I handle it by myself, even for maintenance, as I am not using the solution for a large project.

I've never made a comparison with on-premises servers, but IAM makes budgeting easy with tracking and managing costs. It's not easy to do so without a direct organizational comparison, but IAM provides insightful budgeting facilities.

I don't really focus on pricing much since the month budget is not high, and it is quite worthwhile for the price IAM offers. I consider it affordable.

I haven't really evaluated any other options. Based on the other AWS products available, IAM is the most suited for these use cases.

Overall, IAM Identity Center is a great service, currently rated at nine out of ten. There is room for improvement, especially in making it more user-friendly for newcomers or those new to AWS services.

I'd rate the solution nine out of ten.

I use the solution in my company to attach policies and roles. Amazon doesn't provide our company with all the permissions from a single source, so we need to create a role and attach the policy to give the right access to AWS services in order to ensure that everything works fine, or else it won't work properly.

As an IAM-based tool, the product provides users with policies created by AWS. Users can create their own policies on top of the ones provided by AWS and attach them to different resources, which is actually nice, making everything perfect in the solution.

AWS IAM Identity Center serves as an IAM solution that helps users give or revoke access whenever needed. Whenever you require access, creating the users, attaching those policies, and creating the roles can be done while having access to AWS Management Console or programmatic access. You can provide access to the right person to whom it should be provided in your company or revoke the access if required. Even for AWS resources, if you use any tools like AWS Lambda or other solutions, such products will work if the right access is provided. If you don't attach the correct policies, then it won't work even if you use the correct gateway. The user will have to deal with the permission denied part.

I don't think there is any need for improvement in the product since everything has been created architecturally by AWS. AWS has given all the features in the tool.

In the product, two groups cannot have the same name. There will be a conflict if the same name is provided to two groups in the tool. If you want to say something to another user, the tool fails to identify which group out of the two having the same name is involved in the activity. In general, the tool does not allow for the duplication of names. The aforementioned area can be considered for improvement in the product.

I have experience with AWS IAM Identity Center. I am a user of the tool.

It is a stable solution.

Everyone in my company uses the product.

With AWS IAM Identity Center, no installation procedure is involved.

AWS IAM Identity Center provides a document. Everything in the document helps our company create users, roles, and policies. By using the tool's documentation, our company can easily create users and give them access to those users, specifically if you have admin access. The one with the admin access can give access to other developers or any other person to whom you want to give access to AWS Management Console so that they can make use of it.

The solution is deployed on the cloud.

The product is cheap since it is available on the cloud. AWS IAM Identity Center does not fall under the services that my company provides continuously to our customers, but we do create users and give them access to AWS Management Console.

The product is easy for beginners to learn and use.

I recommended the product to those who plan to use it. I also suggest that people should use the product cautiously so that they don't end up giving access to unknown people. It is better to provide minimal access to others, meaning you should not provide others with all the privileges using the tool in order to ensure that there is no misuse of the access possible. With limited access, the user can only perform as per the role specified within the product.

If you have admin access, you can read the documentation. You can use the tool to create users and give them the right roles while ensuring that you provide them with read-only access so that they get to see what is there in the portal while being unable to write or modify anything. It is easy to learn and easy to create users and rules with the product.

All the features are already provided in the tool, so there is no need to do anything. Creating the users, roles, or policies can be done using the product. The tool also has pre-built policies. You can create policies just through visualization or JSON. If you want to create a policy, you can create it and attach it for different users. In the tool, my company uses the policy and roles for almost all the services so that we can give access to different users. In my company, it is good that we have everything controlled by AWS IAM Identity Center.

I rate the tool a nine out of ten.

Most enterprise companies use multiple AWS accounts, ranging from ten to hundreds. This separation allows for individual team environments and presents an identity and access management (IAM) challenge. 

To manage IAM centrally, AWS Identity Center, formerly known as AWS SSO, is used to set up federations with existing authentication systems, like Azure AD. This setup allows roles to be defined for various teams, such as DevOps and security, ensuring people have permissions tailored to their roles and departments.

AWS Identity Center simplifies the management of IAM at scale, reducing the risk of errors when managing permissions across multiple accounts. 

With federated access and centralized management, AWS Identity Center enhances the security posture by minimizing mistakes and ensuring consistent permission handling.

The most valuable feature of AWS Identity Center is its ability to centrally create permission templates, known as permission sets, which define AWS IAM roles. This allows for the automation of role creation and updates across all AWS accounts, saving significant time and reducing error risks, especially for large organizations.

The AWS Identity Center's user interface could be improved to provide a clearer understanding of how the system operates. 

Although the API side is well-developed, the console can be misleading, and improvements in presenting and simplifying the understanding of advanced features would be beneficial.

I have been working with AWS Identity Center since 2018, when it was known as AWS SSO, for about six years.

AWS Identity Center is stable and reliable. It works well consistently without any noticeable stability problems.

AWS Identity Center scales very well. At scale, the challenge lies more in managing permissions across numerous users and resources rather than a limitation of the product itself.

The documentation and resources available for AWS Identity Center are extensive and well-developed. I have not needed to contact AWS support for issues related to Identity Center as the documentation adequately covers most queries.

Positive

Prior to AWS Identity Center, managing IAM involved setting up federations manually for each AWS account, which was time-consuming and complex. AWS Identity Center significantly reduces this complexity and effort.

For individuals, AWS Identity Center's initial setup is quick and simple, taking only a few minutes. 

For companies requiring federation with existing authentication solutions, the setup is more complex but well-documented.

AWS Identity Center is free, making it a cost-effective solution for managing IAM permissions and federations.

There was no consideration of other solutions given the integration and effectiveness of AWS Identity Center within AWS environments.

If you are actively using AWS for production workloads and are not yet using AWS Identity Center, it's advisable to migrate sooner rather than later. AWS Identity Center simplifies permission management and scales usage effectively, saving significant time in managing user access.

I'd rate the solution eight out of ten.