AWS Single Sign-On
AWS Single Sign-On (SSO) makes it easy to centrally manage access to multiple AWS accounts and business applications and provide users with single sign-on access to all their assigned accounts and applications from one place. With AWS SSO, you can easily manage access and user permissions to all of your accounts in AWS Organizations centrally. AWS SSO configures and maintains all the necessary permissions for your accounts automatically, without requiring any additional setup in the individual accounts. You can assign user permissions based on common job functions and customize these permissions to meet your specific security requirements. AWS SSO also includes built-in integrations to many business applications, such as Salesforce, Box, and Office 365.
With AWS SSO, you can create and manage user identities in AWS SSO’s identity store, or easily connect to your existing identity source, including Microsoft Active Directory, Okta Universal Directory, and Azure Active Directory (Azure AD).
It is easy to get started with AWS SSO. With just a few clicks in the AWS SSO management console you can connect AWS SSO to your existing identity source and configure permissions that grant your users access to their assigned AWS Organizations accounts and hundreds of pre-integrated cloud applications, all from a single user portal.
Below are the cmdlets which are available with AWS Single Sign-On
| CmdletName | ServiceOperation | ServiceName |
| Close-SSOSession | Logout | AWS SingleSign-On |
| Get-SSOAccountList | ListAccounts | AWS SingleSign-On |
| Get-SSOAccountRoleList | ListAccountRoles | AWS SingleSign-On |
| Get-SSORoleCredential | GetRoleCredentials | AWS SingleSign-On |
| New-SSOOIDCToken | CreateToken | AWS SingleSign-On OIDC |
| Register-SSOOIDCClient | RegisterClient | AWS SingleSign-On OIDC |
| Start-SSOOIDCDeviceAuthorization | StartDeviceAuthorization | AWS SingleSign-On OIDC |
You can also check other AWS Services, and each services cmdlets we are providing.
