Configure your SSO identity store using the single sign-on guide.
From the Single Sign-On configuration page, customize the start URL for your user portal so that it's easier to remember (Note, your start URL cannot be modified once it has been customized).
Accept the invitation in your email to join AWS SSO.
Sign out of the IAM management user and sign into the newly created SSO portal.
Google Sign In
If you’re using Google as a sign-in provider, you’ll also want to deploy the sso-sync Lambda to automatically provision user accounts in Identity Center. Otherwise, users will need to be manually added in both Google and AWS.
...
Set Google as an external identity provider using the above guide
...
Create a dedicated Identity account for managing SSO identities. You can add this to the accounts.yaml
file from the template.
...
Delegate IAM administration from the Management account to the Identity account following the delegated administration guide.
...
Info |
---|
The AWS Platform Guide now lives at thoughtbot.com Visit Configure Single Sign On to access this page's content |