
AWS SAML role
SAML 2.0 (Security Assertion Markup Language 2.0) is an authentication protocol that is most commonly used between an identity provider and a service provider. AWS allows you to create roles for SAML 2.0 providers for identity federation. So, if your organization is already using identity provider software that is compatible with SAML 2.0, you can use it to create trust between your organization and AWS as the service provider. This will help you create a single sign-on solution for all users in your organization.
You can also create your own custom identity provider solution that is compatible with SAML 2.0 and associate it with AWS.
The following figure shows the AWS SAML 2.0 role available in the IAM dashboard:

Figure 5 - AWS SAML Role
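
The trust between the identity provider and AWS lives in the SAML role's trust policy, so that policy is worth checking after the role is created. The following is an added example, not code from the book: it audits a trust policy for the `sts:AssumeRoleWithSAML` action, a SAML provider principal, and a pinned `SAML:aud` audience. The account ID, provider name, and function names are constructed for illustration, and the check assumes the default global AWS sign-in endpoint as the audience.

```python
import json
import re

# Assumption: the default global AWS sign-in endpoint is the expected audience.
AWS_SAML_AUD = "https://signin.aws.amazon.com/saml"
SAML_PROVIDER_ARN = re.compile(r"^arn:aws[\w-]*:iam::\d{12}:saml-provider/[\w+=,.@-]+$")

def as_list(value):
    """IAM policy fields may hold a single item or a list of items."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_saml_trust_policy(policy_json):
    """Return findings for a SAML role trust policy; an empty list means it passed."""
    statements = as_list(json.loads(policy_json).get("Statement"))
    saml = [s for s in statements if s.get("Effect") == "Allow"
            and "sts:AssumeRoleWithSAML" in as_list(s.get("Action"))]
    if not saml:
        return ["no Allow statement for sts:AssumeRoleWithSAML"]
    findings = []
    for i, stmt in enumerate(saml):
        principal = stmt.get("Principal")
        federated = as_list(principal.get("Federated")) if isinstance(principal, dict) else []
        if not federated or not all(SAML_PROVIDER_ARN.match(p) for p in federated):
            findings.append(f"statement {i}: Principal.Federated is not a saml-provider ARN")
        # Condition keys are case-insensitive; only StringEquals is considered here.
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        aud = as_list({k.lower(): v for k, v in equals.items()}.get("saml:aud"))
        if aud != [AWS_SAML_AUD]:
            findings.append(f"statement {i}: SAML:aud is not pinned to {AWS_SAML_AUD}")
    return findings

def sample_policy(principal, condition):
    """Build a constructed sample trust policy (placeholder account and provider)."""
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": principal,
        "Action": "sts:AssumeRoleWithSAML", "Condition": condition}]})

IDP = {"Federated": "arn:aws:iam::111122223333:saml-provider/ExampleIdP"}
GOOD = sample_policy(IDP, {"StringEquals": {"SAML:aud": AWS_SAML_AUD}})
NO_AUD = sample_policy(IDP, {})
WILDCARD = sample_policy("*", {"StringEquals": {"SAML:aud": AWS_SAML_AUD}})

if __name__ == "__main__":
    for name, doc in (("good", GOOD), ("no-aud", NO_AUD), ("wildcard", WILDCARD)):
        print(name, audit_saml_trust_policy(doc) or "ok")
```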