Session Name for SSO using AWS CLI

Rich BuggyRich Buggy
1 min read

About a year ago I released a video How to log into AWS SSO from the command line on the Rich Develops YouTube channel. At the time the AWS CLI didn't prompt you for a sessions name and since then a few people have asked what this is for.

The simple version is that the session name is used to store information about IAM Identity Center portal that you use to login and access your accounts. It will add an sso-session section to your ~/.aws/config containing information the following information.

[sso-session SESSION_NAME]
sso_start_url = https://SOMETHING.awsapps.com/start
sso_region = us-east-1
sso_registration_scopes = sso:account:access

Your profile sections will then look like

[profile PROFILE_NAME]
sso_session = SESSION_NAME
sso_account_id = ############
sso_role_name = AWSAdministratorAccess

The next time you add a profile you can reuse the same session name. This avoids the need to reenter all of the data. Of course if you’re logging into a different IAM Identity Center portal you can create a new session.

0
Subscribe to my newsletter

Read articles from Rich Buggy directly inside your inbox. Subscribe to the newsletter, and don't miss out.

AWSaws cliAWS IAM Identity Center

Written by

Rich Buggy
Rich Buggy

Engineering Manager ⬩ Serverless Developer ⬩ AWS Community Builder 📹 http://youtube.com/@RichDevelops