Datasheet
May 2021
Secure Access to AWS for Suppliers and Partners
Challenge: Securing Access to Cloud Apps for Suppliers and Partners
You’ve built an application on AWS; now you need to secure it.
You need a way for suppliers and partners from around the world
to securely gain access to the data that only pertains to them.
Take, for example, a clothing brand. The clothing brand provides
retail partners access to their inventory data through an
application running on AWS. Stores that carry the brand need
to access the application daily. The brand needs a secure way
to ensure that when a store in Idaho accesses their application,
they won’t be able to access data pertaining to a store in
Florida. As organizations extend their technology to partners
to realize business benefits, the importance of security cannot
be overlooked.
Under the AWS Shared Responsibility Model, AWS manages
security of the cloud, while security in the cloud is the
responsibility of the customer. Customers retain control of
Identity and Access Management (IAM) as part of the security
they choose to implement to protect their own content, platform,
applications, systems, and networks, no differently than they
would for applications in an on-site data center. As you’ll see in
the diagram below, Okta fills a significant slot in the security
of your cloud or hybrid environment.
In today’s tech-centric business world, security can’t be ignored.
But security solutions aren’t all created equal. You need a
managed service that is specifically built to run on the cloud—one
that’s easy to administer and doesn’t create friction for users.
Customer Use Case: Adobe
Challenge: A small internal IT team was managing access to
300+ cloud applications with a solution built in-house
Solution: Adobe engaged Okta to deliver a comprehensive
authentication layer across all Adobe Creative Cloud for
enterprise
Outcome: Adobe uses Okta to offer a comprehensive identity
management layer to all its enterprise customers, including
Adobe Marketing Cloud and Adobe Document Cloud, as well
as Creative Cloud
[Diagram: AWS Shared Responsibility Model. Customer, responsible for security "IN" the cloud: customer data; platform, applications, identity and access management; operating system, network and firewall configuration; client-side data encryption and data integrity authentication; server-side encryption (file system and/or data); network traffic protection (encryption/integrity/identity). AWS, responsible for security "OF" the cloud: compute, storage, database, networking; AWS global infrastructure (regions, Availability Zones, edge locations).]
[Diagram labels: Supplier (hosted AD/LDAP), Distributor (SAML), Retailer (ADFS); inbound SAML; SAML, OIDC, WS-Fed; applications built on AWS: custom business applications (Finance, Inventory, CRM), AWS Lambda, Amazon API Gateway.]
The Okta Solution: Shorten Time to Productivity When Integrating With Partner Infrastructure
Many supplier offerings in this space share a lot of common
ground; however, in a B2B context there are some specific
requirements that can make the difference in terms of rollout
and adoption.
Okta uses SAML or Active Directory Federation Services (ADFS)
to streamline and secure access to your applications on AWS
as well as other AWS services such as AWS Lambda or Amazon
API Gateway. Information about a user can be accessed from
Active Directory, LDAP or a partner’s IdP and can be transmitted
to Amazon API Gateway.
Allowing users from the partner organizations to access your
services through Okta can minimize administrative overhead and
avoid security issues related to the synchronization of identities
and passwords. Additional safeguards such as multi-factor
authentication (MFA) can be implemented optionally.
Okta and AWS
Okta was born and built on Amazon Web Services (AWS). It
leverages several AWS services such as Amazon Elastic Compute
Cloud (Amazon EC2), AWS Key Management Service (AWS
KMS), and Amazon CloudFront and is architected over multiple
regions and Availability Zones (AZs), making it reliable and highly
available. AWS takes care of the security of the cloud. Okta helps
secure your applications and data in the cloud. That leaves you
free to focus on building awesome products.
About Okta
Okta is the leading independent provider of identity for the
enterprise. The Okta Identity Cloud enables organizations to
securely connect the right people to the right technologies at the
right time. With over 7,000 pre-built integrations to applications
and infrastructure providers, Okta customers can easily and
securely use the best technologies for their business. More than
10,000 organizations, including JetBlue, Nordstrom, Slack,
TMobile, Takeda, Teach for America and Twilio, trust Okta to
help protect the identities of their workforces and customers.
Find the right Okta + AWS Identity & Access
Management solution for your organization.
Read all four of our solution briefs:
1. Employees & Applications
Eciently provide and revoke secure application access to
your to employees
2. Developers & Services
Secure access to your AWS Management Console, with
multiple AWS accounts
3. Partners & Portals
Grant business partners and suppliers secure access to only
the data they need
4. Customers & Products
Allow customers to securely and easily access your website
or applications
Get started and learn more about Okta on
AWS: okta.com/partners/aws