
How to federate into AWS from Azure DevOps using OpenID Connect

Microsoft Workloads on AWS Blog



This article provides a comprehensive guide on how to federate into AWS from Azure DevOps using OpenID Connect (OIDC) with the AWS Toolkit for Azure DevOps.

  • Enables obtaining temporary AWS credentials without managing static IAM credentials
  • Supports workload identity federation between Azure DevOps and AWS
  • Requires creating an OIDC identity provider in AWS and configuring a trust policy
  • Follows least-privilege security principles by limiting role access to specific service connections
  • Compatible with various tools like Terraform and AWS SDKs

The process involves creating a service connection, configuring an AWS identity provider, creating an IAM role with specific trust conditions, and running an Azure DevOps pipeline to validate the federation.




Related articles

  • Jul 29, 2024: Use OpenID Connect with AWS Toolkit for Azure DevOps to perform AWS CodeDeploy deployments
  • Sep 20, 2024: Connect to an Amazon RDS or Amazon Aurora instance using a federated user with AWS IAM Identity Center and IAM database authentication
  • Jan 23, 2024: Automating OpenID Connect-Based AWS IAM Web Identity Roles with Microsoft Entra ID
  • Jul 12, 2024: AWS Identity and Access Management simplifies management of OpenID Connect identity providers
