Any AWS Account within the Cornell AWS Organization has access to the IT@Cornell Service Catalog Portfolio. Service Catalog is an AWS offering that allows us to give our member AWS Account Administrators templated, self-service "Products" which define a standalone IT service or tool. |
Account Administrators have full control over which IAM Groups, Roles and Users are allowed to launch Products from the IT@Cornell Portfolio. By default, shib-admin members can launch and of our Portfolio products.
This document describes the steps to enable additional IAM Principals to the IT@Cornell Products for your account. (ie. sso-admin, shib-devs, shib-dbas, etc...)