Hi, I have an AWS organization where I have the management account (my root account) and I added a member account.
In the management account I created an Identity Center instance (us-east-1) to connect through SSO with an IdP. Then I decided to sign in as the member account, and from there I also created an Identity Center instance (us-west-2), a brand new one, different from the one in the management account. Then, just to verify the Identity Center ID (a.k.a. identity store ID) from the AWS CLI, I used the command: aws sso-admin list-instances --region us-west-2. With this command I got the ID of the instance I had just created, and if I edited it to:
aws sso-admin list-instances --region us-east-1, I got the instance ID of the management account. So that's great: from the member account I'm able to get the Identity Store IDs. But then, if I switch to the management account and try to use the AWS CLI with the same logic, I just get the ID of the instance created in the management account and not the one that I created in the member account. :( I have tried everything, with no results.
Also, for me this is weird behavior. Why can I see more IDs from a member account than from the management account?