This Partner Solution deploys Okta Advanced Server Access (Okta ASA) to the Amazon Web Services (AWS) Cloud. It's for systems administrators who deploy and manage Amazon Elastic Compute Cloud (Amazon EC2) instances. It uses Okta software to help secure remote access and to control local accounts and permissions.
After you deploy this Partner Solution, access to Amazon EC2 instances is authenticated and authorized through an Okta single-sign-on workflow. This workflow, which can provide contextual multifactor authentication, mitigates the risk of credential theft and misuse. It also reduces the need to wrap additional controls and management layers around secrets.
Specifically, this Partner Solution provides a mechanism for managing the lifecycle of local EC2-instance user and group accounts and their machine-level permissions. These accounts and permissions are sourced directly from the Okta Identity Cloud. When you use Okta ASA as your authentication mechanism for EC2 instances, you don’t rely on static credentials to log in. Instead, Okta uses a dynamic, ephemeral, one-time access token that ties directly to the user’s least-privileged access profile in the central Okta identity database.
You can access Linux EC2 instances using Secure Shell (SSH) or Windows EC2 instances using Remote Desktop Protocol (RDP). By default, this Partner Solution sets up SSH access to Linux EC2 instances.