IAM Identity Center Applications Metadata

It seems there is currently no way to create applications in IAM Identity Center programmatically but is there any way that the metadata for an already created application can be fetched programmatically? I have checked the cli and neither aws sso or aws sso-admin has an option for applications, and the same goes for boto3.

Is this just not possible yet?

ns-simon
1 年前
Were you able to find anything? I came here to ask the same question.

We are specifically looking for a way to list the users who have been granted access to an IAM IC-enabled application so we can automate the provisioning of those users into said application. Using IAM groups isn't always an option (say if you federate with Azure AD and your E3 license precludes the provisioning of groups...bummer).

主题

管理与治理安全、身份和合规性

标签

AWS 命令行界面 AWS IAM 身份中心

语言

English

Bobk

已提问 1 年前242 查看次数

1 回答

最新
投票最多
评论最多

这些答案有用吗？为正确答案投票，以帮助社区从您的知识中受益。

Unfortunately not. The console is the only method I have been able to find thus far.

Bobk

已回答 1 年前

ns-simon
1 年前
FWIW, we were recently talking with AWS support and they recommended that we use Cognito instead of IAM Identity Center. It does have some benefits, such as the ability to mix/match local pool users, federated users, as well as user aliasing.

If you are using Shibboleth (like us), prepare to pull you hair out...

IAM Identity Center Applications Metadata

相关内容