Amazon Web Services (AWS) has expanded the availability of IAM Identity Center to 38 AWS Regions worldwide, including the newly added Asia Pacific (New Zealand) region. The service, which manages workforce access to AWS applications, offers single sign-on capabilities and is now available at no additional cost.
IAM Identity Center is positioned by AWS as the recommended solution for controlling access for employees and other workforce users to AWS resources. It allows organizations to connect their existing identity systems – such as those from Okta or other identity providers – to AWS, streamlining user authentication and authorization across multiple accounts and services. According to AWS documentation, the service is designed to simplify the management of Amazon Q Developer Pro subscriptions, enabling administrators to manage user access and track usage.
The expansion of IAM Identity Center’s regional availability coincides with growing demand for centralized identity management solutions, particularly as organizations adopt cloud services like Amazon Q. IAM Identity Center integrates with Amazon Q, enabling personalized experiences and user-aware access to data within services like Amazon Redshift. This integration allows for tailored insights and capabilities based on user permissions, without requiring complex access reconfigurations, AWS states.
AWS emphasizes that IAM Identity Center is not limited to Amazon Q. It provides a central point of control for access to multiple AWS accounts, allowing administrators to define and audit user permissions across the entire AWS environment. The service supports both organization-level and account-level subscription management for Amazon Q Developer Pro, with AWS recommending the use of an organization instance for centralized control. Organizations utilizing AWS Organizations can leverage IAM Identity Center to manage Amazon Q Developer Pro settings and subscriptions across their entire organization.
Administrators seeking to implement IAM Identity Center for Amazon Q Developer Pro are directed to choose a deployment option and subscribe workforce users to the Pro tier. AWS documentation details a step-by-step process for configuring IAM Identity Center and integrating it with existing identity sources. The service is intended to provide enterprise-level controls over Amazon Q Developer subscriptions, including the ability to cancel subscriptions, manage users in bulk and monitor usage through a dedicated dashboard.
AWS re:Post documentation highlights that Amazon Q Developer Pro requires an IAM Identity Center instance for subscription management. While account instances are possible, AWS recommends deploying an organization instance from the Organizations management account to streamline administration and ensure consistent access across member accounts. The organization management account is required for managing Amazon Q Developer Pro subscriptions.
