Use the AWS CLI to manage login credentials for SSO-managed accounts. You no longer have to update access keys several times a day.
To get started, log in using SSO and navigate to the AWS SSO Portal. Make note of the SSO portal URL, which looks similar too:
Create an AWS Named Profile for each account you want to configure. Use the
--profile flag or export the
AWS_PROFILE environment variable:
Use the configure command to setup SSO access for the Named Profile:
aws configure sso
This creates the NamedProfile if it did not already exist. An entry should be added to your
[profile work-dev-profile] sso_start_url = https://d-123abcd4e6.awsapps.com/start sso_region = us-east-1 sso_account_id = 123456789012 sso_role_name = Work-Dev-SSO region = us-east-1
Log in, using:
aws sso login
Validate your connection details have been configured properly by running:
aws sts caller-identity
Repeat for other accounts.