1 回答
- 最新
- 投票最多
- 评论最多
1
Hi, yes, you to need refresh with a new aws sso login each time the session duration that you defined is reached.
See https://docs.aws.amazon.com/singlesignon/latest/userguide/howtosessionduration.html
For each permission set, you can specify a session duration to control the length of time
that a user can be signed in to an AWS account. When the specified duration elapses,
AWS signs the user out of the session.
When you create a new permission set, the session duration is set to 1 hour (in seconds)
by default. The minimum session duration is 1 hour, and can be set to a maximum of 12 hours.
IAM Identity Center automatically creates IAM roles in each assigned account for each permission
set, and configures these roles with a maximum session duration of 12 hours.
I would also suggest reading https://ben11kehoe.medium.com/you-only-need-to-call-aws-sso-login-once-for-all-your-profiles-41a334e1b37e It does a very good job in explaining how aws sso login works, especially when it is used to get access to different applications.
Best,
Didier
相关内容
AWS 官方已更新 3 年前- AWS 官方已更新 3 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 6 个月前
Hi! I read that article, thank you. However, as this is very new to me, I may confuse things. You said, that I have to run
aws sso logineach time the session duration is reached. The maximum session duration is 12 hours, which means I have to open the browser 2 times a day. But from the article, it follows that I need to do it only once. So, what's the correct answer in the end?Do people receive comment notifications?