missing features in identitystore api/cli

AWS IAM Identity Store identitystore has following methods available as of today aug, 20th, 2024.

• create-group
• create-group-membership
• create-user
• delete-group
• delete-group-membership
• delete-user
• describe-group
• describe-group-membership
• describe-user
• get-group-id
• get-group-membership-id
• get-user-id
• is-member-in-groups
• list-group-memberships
• list-group-memberships-for-member
• list-groups
• list-users
• update-group
• update-user

You might have already referred the CLI doc, here is the link for reference identitystore CLI.

Service teams keep adding features and functionalities to the service but as of today none of the features(you mentioned) are available in CLI. If you have enterprise support, ask your account team for adding the feature request and service team would decide on whether to prioritize the feature and add in service roadmap or this can wait.

Hope it helps, comment here if you have additional questions.

Happy to help.

Abhishek

IAM Identity Center does not support password policy configuration. There is an existing feature request to support it with a lot of customers requesting for it, but currently no estimated ready time.

The rest 3 functions in your list are supported, but you can only trigger that from the console, there are no APIs.

The built in Identity Store of Identity Center is mostly used for small projects, proof of concepts, etc. For large enterprises or solutions that require full blown authentication features, it is suggested to use other identity source like an external identity provider integrating with Identity Center.