...
Identify AWS groups with the appropriate target permissionspermission sets / account assignments
Ensure those same group names exist within Microsoft
owners / members should be set appropriately
Create backup IAM admin user with access to identity center in AWS in case changes need to be reverted
...