AWS SSO - Manage Users
I'm seeing a problem today that I haven't previously encountered.
When I navigate to the AWS SSO Users page there is a information message displayed at the top of the screen.
Your identity source is currently configured as 'External identity provider'. To add new users or edit their attributes, you must do this using your external identity provider.
Along with this message the 'Add user' button has been removed from the UI.
The problem is that my External identity provider is G Suite, and as stated in the AWS Docs for setting up SSO with G Suite.
AWS SSO supports automatic user provisioning via the System for Cross-Identity Management (SCIM). However, this is not yet officially supported for G Suite custom SAML applications. In the meantime, you can manually create users.
I have a new user that I need to create an SSO account for but I'm now completely unable to do this. This has never been a problem before and I successfully added a user in this way on the 23rd May, just 3 days ago.
What is the Provisioning method, "SCIM" or "AWS SSO"?(You can see it at "AWS SSO" Management Console -> "Settings" -> "Identity source" Tab.)
If "SCIM", you cannot edit the users and groups on AWS SSO. Can you disable it with the steps described at below link?
Thank you. Yes that was the problem. The provisioning method had been set to SCIM. Disabling automatic provisioning has given me back the Add User Button.
Can I change the password policy for the SSO identity store?asked 2 months ago
AWS SSO Current Account Nameasked 5 months ago
I am unable to customise my AWS SSO URLasked 2 months ago
AWS SSO - Manage UsersAccepted Answerasked a month ago
Migrate IAM Users to AWS SSOasked 24 days ago
SSO users get error when trying to register an MFA device "It's not you, it's us"asked 2 months ago
Manage identities in AWS SSO - how to create Users via CLI or API ?asked 7 months ago
How do I sign into re:Post using AWS SSO?Accepted Answerasked 7 months ago
AWS Service Catalog. Grant SSO Users to the Portfolioasked 2 months ago
Can I keep existing IAM users and add SSO to our accountsasked 2 years ago