It's not an easy task, you need to have a plan because it not just involves copy-and-paste the username, but also the permission configuration in your account (Otherwise, you'll just create a bunch of users without any permission).
- First, you need to gather the list of IAM users, and categorise them into groups according to their permission level.
- For every permission level, you need to create a permission set
- Create SSO users (Note that the information required is more than IAM users, you'll need the users' email address. So you can't simply copying the IAM username here)
- Create group and add the SSO users into them by the permission category you defined earlier
- Assign permission sets to different groups
Migrating to AWS SSO is not just a technical task but also an opportunity to review the access management of your organisation.
- asked 3 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated a year ago
- EXPERTpublished 9 days ago
- EXPERTpublished 6 months ago