1 Answer
- Newest
- Most votes
- Most comments
0
sso-directory
is the services prefix for the AWS IAM identity Center directory (successor to AWS Single Sign-On directory or AWS SSO directory)
, while identitystore
is the services prefix for the AWS Identity Store (legacy term: AWS SSO store or AWS SSO identity store).
So both exist, but are used for different things.
To give an example:
identitystore:CreateGroup
would grant permission to create a group in the specified IdentityStoresso-directory:CreateGroup
would grant permission to create a group in the directory that AWS IAM Identity Center provides by default
answered 9 months ago
Relevant content
- asked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 5 months ago
- What's the difference between Lambda function execution role permissions and invocation permissions?AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago