Pump
Back to Home
  • Getting Started
    • Introduction
    • The Hitchhiker's Guide to Pump
    • Joining Pump
      • Our Features
      • Running your Savings Estimate
      • Selecting a mode (Autopilot or Manual Mode)
      • Savings Survey
      • When can I expect to see Savings?
      • Money Back Guarantee
    • Billing Info
      • Billing Process
      • First Month Billing
      • Currencies Supported
      • Supported Payment Methods
      • Invoice Verification or Errors
      • Invoices for Indian Customers
      • Invoices from AWS
      • Sales Tax or Value Added Tax (VAT)
    • How Pump works
    • Real Customers, Real Success Stories
    • Money Back Guarantee
    • FAQ
  • AWS: Joining Pump
    • How to Join Pump (3 easy steps)
      • Step 1 - View Estimate
      • Step 2 - Authorize Pump
      • Step 3 - Know your business
      • Finishing Touches
        • Inviting your team
        • Adding additional AWS accounts
        • Post onboarding
        • AWS Seller Registration
        • Sign up for Auto Pay
    • AWS Multi-account architecture
      • via 'Join Account(s)'
      • via 'Join With A Pre-Existing Org(s)'
      • Join via CTA
      • How Pump handles SSO
      • Leave an AWS Organization
    • AWS Role Deployment and Permissions
  • Maximizing Pump with AWS
    • Using Pump
      • Savings Summary
      • Past Savings
      • Reserved Instances
      • Savings Plans
      • Group buying discounts
      • Payments
      • Sales or Value added tax (VAT)
      • Credit FAQ
    • AWS Discount Prices
    • Pump Secure
    • AWS Credits FAQ
  • GCP: Joining Pump
    • Getting Started with GCP
      • Step 1 - View Savings Estimate
      • Step 2 - Authorize Pump
  • Azure: Joining Pump
    • Azure Role Deployment and Permissions
  • Pump University
    • Welcome to Pump University
  • Support
    • Fast & Free Support
    • Security & Access
      • Cross Account Role
      • Role Deployment
      • Access Management
      • Other Housekeeping
    • Invoices from AWS
    • Invoices from GCP
    • Request a Demo
    • Security Standards
    • Changing Infrastructure while on Pump
Powered by GitBook
On this page
  1. AWS: Joining Pump
  2. AWS Multi-account architecture

How Pump handles SSO

Here are steps to successfully setting up SSO


Before the call (~5 minutes):

  1. Customer provides Pump with an email address to use for the root-user of the delegated administrator account, and the region they would like SSO set up in.

  2. Pump provisions an organization with the delegated admin account and SSO enabled in specified region.

  3. Customer logs in to the delegated admin account with the email provided, and does a ‘forgot my password’ process to set a password.

On the call with Pump Solutions Architect (30-45 minute call):

  1. While screen-sharing, customer logs into their current management account and runs an export script in IAM Identity Center to download their current users, groups, and permissions.

  2. Customer logs into the new, delegated administrator account and runs an import script to upload their users, groups, and permissions into the new organization.

  3. If using a third party, customer creates a new application that links to the new IAM Identity Center.

  4. Customer tests SSO access.

PreviousJoin via CTANextLeave an AWS Organization

Last updated 1 month ago