tagging a AWSReservedSSO role wit SSMSessionRunAs

0

Hi, I'm working with AWS SSO based on Jumpcloud external Idp. I'd like to find a way to put the tag SSMSessionRunAs tag to the AWSReservedSSO role created by SSO into AWS accounts. If I try to put the tag directly I receive: "Cannot perform the operation on the protected role 'AWSReservedSSO_xxxxx' - this role is only modifiable by AWS"

Someone know a way to do that ? Or maybe a "plan B" or a way to add the tag SSMSessionRunAs ?

Thanks a lot Dario

1 Antwort
0

Assume you want to use this for SSM and not only for tagging - this post describes the process with Okta but it should be quite similar with JumpCloud. You can provide the attribute as part of the assertion and then leverage it in the Permission Set.

AWS
EXPERTE
Raphael
beantwortet vor einem Jahr

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen