amazon-web-servicesaws-cloudformationaws-sso

Is there a way to provision aws sso users via cloudformation/cdk?


Looking at this guide: https://aws.amazon.com/blogs/security/use-new-account-assignment-apis-for-aws-sso-to-automate-multi-account-access/

It only shows how to assign permission sets to already existing users. Also looking at the cloudformation documentation, it does not mention anything about users.

Is there a way to create aws sso users via cloudformation or cdk?


Solution

  • Sadly this is not yet supported. AWS docs say that in future such support should be added, at least to AWS API, which then you could use from custom resources in CloudFormation:

    Future updates to AWS SSO Identity Store APIs, including additions for creation and modification of users and groups, will be documented in this reference as they are released.