Learn how to configure the AWS CLI so you can log into the AWS IAM Identity Center (formerly AWS SSO) from the command line and get temporary credentials for use with the AWS and SAM CLI's.
What if I don't want to use CLI? What if I want to use Workbench or pgAdmin for example? Connecting to a resource should not be this complicated and look as if it is happening in 1990. It is 2024 for gods sake.
Hi Thanks for the tutorial . I have a situation where in config would have both sso profiles and also awsume profile. Before i use the profile. i explicitly set export AWS_profile but i could not get it working.
Using the region where IAM Identity Center was a blocker for me. Get errors like invalid_grant > Invalid grant provided. Upon using the correct region it worked great.
Nice work but still after logging in the profile I can able to list my s3 buckets by running "aws s3 ls -profile name" without the profile name cant we run just like aws s3 ls ?
You could set one profile as the default but I find it's better to not have a default profile and use the --profile option instead because you're probably going to be dealing with multiple accounts/profiles.
Would be nice to mention dealing with SSL issues (self-signed) given that SSO is typically used in a corporate environment behind a proxy/VPN with trusted certs.
You're administrator will provide that to you. If you are the administrator and you can't remember what you setup then go to IAM Identity Center and click Settings. Look for the AWS access portal URL
@@richdevelops This solved my problem, they don't mention you have to use this url in their bad instructions. but now I see in the cli: No AWS accounts are available to you. Their instructions are useless.
