Use Case 4: SSO to Office 365 and Other Cloud Applications - AWS Directory Service
AWS services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with AWS services in China.

Use Case 4: SSO to Office 365 and Other Cloud Applications

You can use AWS Managed Microsoft AD to provide SSO for cloud applications. You can use Azure AD Connect to synchronize your users into Azure AD, and then use Active Directory Federation Services (AD FS) so that your users can access Microsoft Office 365 and other SAML 2.0 cloud applications by using their AD credentials.

Integrating AWS Managed Microsoft AD with AWS SSO adds SAML capabilities to your AWS Managed Microsoft AD and / or your on-premises trusted domains. Once integrated your users can then use AWS SSO with services that support SAML, including the AWS Management Console and third-party cloud applications such as Office 365, Concur, and Salesforce without having to configure a SAML infrastructure. For a demonstration on the process of allowing your on-premise users to use AWS SSO, see the following YouTube video.