Manage identities in AWS SSO - how to create Users via CLI or API ?
Ref: https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-identity-source-sso.html
It seems like there is no way to create Users via CLI or API !
Am I missing something?
Note: I am not after external identity provider (IdP) or Microsoft AD. I have simple use case but I wanted to change/manage AWS SSO users in bulk so looking for solution.
- Newest
- Most votes
- Most comments
It's now possible using the new Identity Store API: https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/welcome.html
That's a very, very, very good news.
I am afraid that the answer is no, it is currently not possible to create AWS SSO users via CLI. Having said that, there is already a feature request in place about such functionality. However, I will not be able to provide an ETA at present on when and if such a feature will be released.
With that said, I would also suggest to have a look on this blog which shows "how to bulk import users and groups from CSV into AWS SSO" in case you are interested. https://aws.amazon.com/blogs/security/how-to-bulk-import-users-and-groups-from-csv-into-aws-sso/
Is it possible that with identitystore you only can manage local users (not users from a directory)? I don't see any option to sync any user/group from a AD Connector directory in cli help. Is it only possible to do that with web console?
Relevant content
- Accepted Answerasked 5 months ago
AWS OFFICIALUpdated 8 months ago- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
I maanged to successfully create a user via the API call, but how can this user login? when creating users via the web interface one can choose to send a verification link. what's the equivalent in API-land?