Enable single sign-on access to your Amazon EC2 Windows instances
If you're an application administrator who manages users in the Identity Center directory (the default identity source for IAM Identity Center) or in a supported external identity provider (IdP), and you need to provide IAM Identity Center access to your Amazon EC2 Windows desktops from the Amazon Fleet Manager console, you can enable single sign-on access to your Amazon EC2 Windows instances.
With this configuration, you can securely access your Amazon EC2 Windows instances with existing corporate credentials. You don't need to share administrator credentials, access credentials multiple times, or configure remote access client software. You can centrally grant and revoke access to your Amazon EC2 Windows instances at scale across multiple Amazon Web Services accounts. For example, if you remove an employee from your IAM Identity Center integrated identity source, they automatically lose access to all Amazon resources, including Amazon EC2 Windows instances.
For more information, see How to enable secure seamless single sign-on to Amazon EC2 Windows instances with IAM Identity Center.
For a demonstration of how to configure IAM Identity Center to enable this capability, see Enabling Single Sign-on to Amazon EC2 Windows with IAM Identity Center.