If you're stuck trying to configure CLI sign-on from the AWS documentation article it's because you need to create User through IAM Identity Center, which is not the same thing as creating as User through IAM.
I thought it'd be a good idea to user the AWS CLI, because I'm a command line super user and maybe it would be an easier way for me to go back and forth between the root user and my IAM user account, and also to visualize those big policy JSON files.
First I try this AWS documentation article on the command-line sign-in, which is a simple one-liner
aws sso login --profile my-profileHowever, that simple command has a prerequisite article on configuring the CLI for single-sign-on. So I spend quite a bit of time on its prerequisite. After a lot of re-reading of the documentation I stumble my way to creating a user through the IAM Identity Center (IAMIC), which is different from creating a User through IAM. The IAMIC User has the unique property of having something called an access portal. It is from this access portal that you can access the necessary information to configure the CLI.
Comments