Checks whether you have enabled role-based single sign-on (SSO) by using Security Assertion Markup Language (SAML). If so, the evaluation result is Compliant.
Scenarios
Role-based SSO by using SAML simplifies user access to multiple application systems and the management of that access, and improves security, management efficiency, and user experience. It is an ideal authentication and authorization management solution for enterprises.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
If you have enabled role-based SSO by using SAML, the evaluation result is Compliant.
If you have not enabled role-based SSO by using SAML, the evaluation result is Non-compliant.
Rule details
| Item | Description |
| --- | --- |
| Rule name | ram-role-sso-saml-enabled |
| Rule ID | |
| Tag | SSO, RAM, and User |
| Automatic remediation | Not supported |
| Trigger type | Periodic execution |
| Evaluation frequency | Every 24 hours |
| Supported resource type | All resources |
| Input parameter | None |
Non-compliance remediation
Enable role-based SSO by using SAML. For more information, see Overview of user-based SSO.