How to set up user access to our AWS environment by SSO:
Start by creating a user in Azure, ensuring you fill in all the necessary user details, including their name and last name.
If required, create a group in Azure. Currently, there are three groups in Azure: "AWS Administrator", "AWSConnectors" and "AWS Read-Only Access".
When creating a new group in Azure, it's important to navigate to the group settings and, on the left-hand side, select "Applications." From there, you can attach the AWS Single Sign-On app to the group.
Keep in mind that the provisioning process between Azure and AWS takes approximately 40 minutes, and it's automated, so manual intervention is not necessary.
Once the user is visible in the AWS platform, navigate to the IAM Identity Center and locate the user section.
Don't forget to verify the groups in the IAM Identity Center to confirm the group you created in Azure is present.
In the IAM Identity Center's AWS Accounts section, you should attach this group to the relevant AWS account.
At this stage, it's essential to grant access to the group and specify which accounts this group can access.
In the final step, log in using the provided email address and Azure password to verify the users' access to the AWS environment. After confirming their access, share both the email address and password with the respective users.
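The IAM Identity Center checks above (the group is present, and it is attached to an AWS account) can also be scripted once provisioning has had time to run. The following is an added example, not part of the original procedure: the helper names are hypothetical, and it assumes a boto3 release that includes `list_account_assignments_for_principal` plus credentials for the account that manages IAM Identity Center.

```python
"""Added example: confirm that the Azure groups reached IAM Identity Center
and see which AWS accounts each one is attached to."""

# Group names as listed in this procedure.
EXPECTED_GROUPS = ["AWS Administrator", "AWSConnectors", "AWS Read-Only Access"]


def _pages(call, key, **kwargs):
    """Yield every item from an API call that paginates with NextToken."""
    while True:
        resp = call(**kwargs)
        yield from resp.get(key, [])
        token = resp.get("NextToken")
        if not token:
            return
        kwargs["NextToken"] = token


def audit_groups(sso_admin, identitystore, expected=EXPECTED_GROUPS):
    """Return {group name: status}. status is "MISSING" when the group has not
    been provisioned yet, otherwise a sorted list of
    (account id, permission set ARN) pairs, empty if nothing is attached."""
    instance = sso_admin.list_instances()["Instances"][0]
    store_id, instance_arn = instance["IdentityStoreId"], instance["InstanceArn"]
    ids = {g.get("DisplayName"): g["GroupId"]
           for g in _pages(identitystore.list_groups, "Groups",
                           IdentityStoreId=store_id)}
    report = {}
    for name in expected:
        if name not in ids:
            report[name] = "MISSING"
            continue
        report[name] = sorted(
            (a["AccountId"], a["PermissionSetArn"])
            for a in _pages(sso_admin.list_account_assignments_for_principal,
                            "AccountAssignments", InstanceArn=instance_arn,
                            PrincipalId=ids[name], PrincipalType="GROUP"))
    return report


if __name__ == "__main__":
    import boto3  # imported here so the helper can also be driven by stubs
    result = audit_groups(boto3.client("sso-admin"), boto3.client("identitystore"))
    for name, status in result.items():
        if status == "MISSING":
            print(f"[!] {name}: not provisioned in IAM Identity Center yet")
        elif not status:
            print(f"[!] {name}: present but not attached to any AWS account")
        else:
            for account, pset in status:
                print(f"[ok] {name}: account {account} via {pset}")
```

A group reported as present but unattached means the AWS Accounts assignment step was skipped; a permission set or account you did not expect for a group is worth reviewing before credentials are handed out.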
Just as a reminder, the login link for accessing AWS Single Sign-On (SSO) is: