AWS Cloud

AWS Single Sign-On

Centrally manage single sign-on (SSO) access to multiple AWS accounts and business applications.

AWS Single Sign-On (SSO) is a cloud SSO service that makes it easy to centrally manage SSO access to multiple AWS accounts and business applications. It enables users to sign in to a user portal with their existing corporate credentials and access all of their assigned accounts and applications from one place. With AWS SSO, you can easily manage SSO access and user permissions to all of your accounts in AWS Organizations centrally.

Further, by using the AWS SSO application configuration wizard, you can create Security Assertion Markup Language (SAML) 2.0 integrations and extend SSO access to any of your SAML-enabled applications. AWS SSO also includes built-in SAML integrations to many business applications, such as Salesforce, Box, and Office 365. With just a few clicks, you can enable a highly available SSO service without the upfront investment and on-going maintenance costs of operating your own SSO infrastructure.



AWS SSO enables you to centrally manage SSO access and user permissions for all of your AWS accounts managed through AWS Organizations. No additional setup is required in the individual accounts. AWS SSO configures and maintains all the necessary permissions in your accounts automatically. You can assign users permissions based on common job functions and customize these permissions to meet your specific security requirements. For example, you can give your security team administrative-level access to your AWS accounts running your security tools, but only grant them auditor-level access to your other AWS accounts for monitoring purposes.


AWS SSO integrates with Microsoft Active Directory (AD) through AWS Directory Service, enabling users to sign in to the user portal using their AD credentials. With the AD integration, you can manage SSO access to your accounts and applications for users and groups in your corporate directory. For instance, you can grant the DevOps AD group access to your production AWS accounts. When you add users to this group, they are granted access to your production AWS accounts automatically. This makes it easy to on-board new users and give existing users SSO access to new accounts and applications quickly.


With AWS SSO, you can enable a highly-available SSO service for your organization with just a few clicks. There is no additional infrastructure to deploy or maintain. All administrative and SSO activity is recorded in AWS CloudTrail, helping you meet your audit and compliance requirements. You can centrally view when users attempt to access accounts and applications, including from what IP address. You can also view when users are granted access to accounts and applications, when their assigned permissions to an AWS account are changed, and when their SSO access is removed. Using AWS SSO, you have the visibility to audit SSO activity in one place.


AWS SSO provides a user portal so users can find and sign in to all of their assigned AWS accounts and business applications in one place. The AWS SSO application configuration wizard helps you extend SSO access to any application that supports Security Assertion Markup Language (SAML) 2.0. AWS SSO also offers built-in SAML integrations to many business applications, including Salesforce, Box, and Office 365. AWS monitors these integrations for changes and updates the integration on your behalf automatically.

Setting up AWS SSO

AWS Fargate

Run containers without managing servers or clusters

AWS Fargate is a technology for Amazon ECS and EKS* that allows you to run containers without having to manage servers or clusters. With AWS Fargate, you no longer have to provision, configure, and scale clusters of virtual machines to run containers. This removes the need to choose server types, decide when to scale your clusters, or optimize cluster packing. AWS Fargate removes the need for you to interact with or think about servers or clusters. Fargate lets you focus on designing and building your applications instead of managing the infrastructure that runs them.

Amazon ECS and EKS have two modes: Fargate launch type and EC2 launch type. With Fargate launch type, all you have to do is package your application in containers, specify the CPU and memory requirements, define networking and IAM policies, and launch the application. EC2 launch type allows you to have server-level, more granular control over the infrastructure that runs your container applications. With EC2 launch type, you can use Amazon ECS and EKS to manage a cluster of servers and schedule placement of containers on the servers. Amazon ECS and EKS keeps track of all the CPU, memory and other resources in your cluster, and also finds the best server for a container to run on based on your specified resource requirements. You are responsible for provisioning, patching, and scaling clusters of servers. You can decide which type of server to use, which applications and how many containers to run in a cluster to optimize utilization, and when you should add or remove servers from a cluster. EC2 launch type gives you more control of your server clusters and provides a broader range of customization options, which might be required to support some specific applications or possible compliance and government requirements.

* AWS Fargate support for Amazon EKS will be available in 2018.



With AWS Fargate, you only have to think about the containers so you can just focus on building and operating your application. AWS Fargate eliminates the need to manage a cluster of Amazon EC2 instances. You no longer have to pick the instance types, manage cluster scheduling, or optimize cluster utilization. All of this goes away with Fargate.


AWS Fargate makes it easy to scale your applications. You no longer have to worry about provisioning enough compute resources for your container applications. After you define your application requirements (e.g., CPU, memory, etc.), AWS Fargate manages all the scaling and infrastructure needed to run your containers in a highly-available manner. You no longer have to decide when to scale your clusters or pack them for optimal utilization. With Fargate, you can launch tens or tens of thousands of containers in seconds and easily scale to run your most mission-critical applications.


AWS Fargate seamlessly integrates with Amazon ECS. You just define your application as you do for Amazon ECS. You package your application into task definitions, specify the CPU and memory needed, define the networking and IAM policies that each container needs, and upload everything to Amazon ECS. After everything is setup, AWS Fargate launches and manages your containers for you.

AWS Fargate support for Amazon EKS will be available in 2018.

How it works

AWS Database Migration Service

Migrate your databases to AWS with minimal downtime.

More than 55,000 databases have been migrated using AWS Database Migration Service.

AWS Database Migration Service helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. The AWS Database Migration Service can migrate your data to and from most widely used commercial and open-source databases.

The service supports homogenous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora or Microsoft SQL Server to MySQL. It also allows you to stream data to Amazon Redshift, Amazon DynamoDB, and Amazon S3 from any of the supported sources including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, SAP ASE, SQL Server and MongoDB, enabling consolidation and easy analysis of data in the petabyte-scale data warehouse. AWS Database Migration Service can also be used for continuous data replication with high-availability.

When migrating databases to Aurora, Redshift or DynamoDB, you can use DMS free for six months.

Simple to use

AWS Database Migration Service is simple to use. There is no need to install any drivers or applications, and it does not require changes to the source database in most cases. You can begin a database migration with just a few clicks in the AWS Management Console. Once the migration has started, DMS manages all the complexities of the migration process including automatically replicating data changes that occur in the source database during the migration process. You can also use this service for continuous data replication with the same simplicity.

Minimal Downtime

AWS Database Migration Service helps you migrate your databases to AWS with virtually no downtime. All data changes to the source database that occur during the migration are continuously replicated to the target, allowing the source database to be fully operational during the migration process. After the database migration is complete, the target database will remain synchronized with the source for as long as you choose, allowing you to switchover the database at a convenient time.

Supports Most Widely Used Databases

AWS Database Migration Service can migrate your data to and from most of the widely used commercial and open source databases. It supports homogeneous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora. Migrations can be from on-premises databases to Amazon RDS or Amazon EC2, databases running on EC2 to RDS, or vice versa, as well as from one RDS database to another RDS database. It can also move data between SQL, NoSQL, and text based targets.

Low Cost

AWS Database Migration Service is a low cost service. You only pay for the compute resources used during the migration process and any additional log storage. Migrating a terabyte-size database can be done for as little as $3. This applies to both homogeneous and heterogeneous migrations of any supported databases. This is in stark contrast to conventional database migration methods which can be very expensive.

Fast and Easy to Set-up

You can set up a migration task within minutes in the AWS Management Console. A migration task is where you define the parameters the AWS Database Migration Service uses to execute the migration. This includes setting up connections to the source and target databases, as well as choosing the replication instance used to run the migration process. Once setup, the same task can be used for test runs before performing the actual migration.


The AWS Database Migration Service is highly resilient and self–healing. It continually monitors source and target databases, network connectivity, and the replication instance. In case of interruption, it automatically restarts the process and continues the migration from where it was halted. Multi-AZ option allows you to have high-availability for database migration and continous data replication by enabling redundant replication instances.

Engineered for the most Demanding Requirements


Comprehensive security capabilities to satisfy the most demanding information security requirements.


Rich controls, auditing and broad security accreditations.


Build hybrid IT architectures that extend your on-premises infrastructure to the Cloud.

Supporting Virtually any Workload for Over a Million Active Customers in 190 Countries

Web Applications

Build scalable, high performance websites with a broad set of services geared for modern web applications.

Big Data & HPC

Process data quickly with instant access to vast amounts of computing power designed to handle massive volumes of data.

Line of Business Apps

Move your business into the cloud with secured, high-performance solutions for your common and custom business applications.

Backup & Storage

Securely store your information with storage options that provide built-in encryption, designed for 99.999999999% durability.

Disaster Recovery

Protect your data and applications across data centers and the cloud with immediately available, scalable and durable disaster recovery.


Media services that allow the secured storage, processing, and delivery of your media assets around the world.


From mobile to web, console to PC; AWS provides a broad range of low-cost, instantly available gaming backend services for developers that write for every platform and language.

Healthcare & Life Sciences

Healthcare and Life Sciences organizations are using AWS for everything from basic biomedical research to HIPAA-compliant clinical information systems.