I tried to delete the AWS IAM Identity Center (successor to AWS Single Sign-On) permission set and received an error similar to the following:
"This permission set is currently provisioned in xx AWS accounts".
Resolution
To delete the permission set, you must first remove it from the AWS account that it's provisioned for.
- Open the IAM Identity Center console, and then in the navigation pane choose AWS accounts.
- In AWS Accounts, choose the AWS organization tab.
- Choose the AWS account that is associated with the permission set that you want to delete.
- Expand Permission sets, and then choose the permission set that you want to remove.
- In the Remove permission set dialog box, choose Remove access.
- If you have multiple AWS accounts associated with the permission set, repeat steps 3-5.
- Choose AWS Accounts in the navigation pane.
- Choose the Permissions sets tab, choose the permission set, and then choose Delete.
The permission set is now deleted. For more information, see Delete permission sets.
Related information
How do I use IAM Identity Center permission sets?
How do I get started with using IAM Identity Center and access the AWS access portal?