All Amazon Q Business application environments require user access through AWS Identity and Access Management (IAM) identity management. You can choose one of two types of user IAM identity management methods supported by Amazon Q Business. These are IAM Identity Center and IAM Federation. Both IAM Identity Center and IAM Federation require an external identity provider setup to allow end users to log in through their identity provider.
IAM Identity Center provides advanced user group management, while Identity and Access Management (IAM) Federation provides more service quotas for the external identity providers. You can choose the identity management that's best suited for you and your end customer when creating their Amazon Q Business application environment. For more information, see Configuring an Amazon Q Business application environment using AWS IAM Identity Center and Creating an Amazon Q Business application environment using Identity Federation through IAM
