Before we go any further, let's just explain in a sentence what SAML actually is. Security Assertion Markup Language (SAML) is a standard that allows you to securely exchange authentication data between different domains by using security tokens between an IdP and a SAML consumer. In this case, the IdP will be MS-AD and the SAML consumer will be AWS, specifically IAM roles.
In this section, we will see how you can use SAML to enable single sign-on (SSO) to gain federated access to the AWS Management Console.