I'm getting a "no access" response when I try to access to an account using SSO portal. I've configured AD directory with AD Connector and synced groups. I can login in web and aws cli, see the configured accounts and permissions sets but when I try to access I'm always getting this response:
'{"message":"No access","__type":"com.amazonaws.switchboard.portal#ForbiddenException"}'
Same response from web and aws cli. I tried to roll back to Identity Center directory (local users and groups) and with local users it's working fine. Only fails with AD users. I've checked SSO roles and identity providers are correctly created on every managed account.
Any idea about what is happening?
Thanks and regards,
Guillem