Accessing AWS SSO using the AWS-SDK

Question

Is there a way to interact with the AWS SSO service using the AWS-SDK?

https://aws.amazon.com/single-sign-on/

I am just looking for programmatic access to AWS SSO - with the AWS CLI or with the SDK or anything really.

Answer 1

Unfortunately there isn't. There is however an open issue on the AWS CLI for this - go there and upvote, that's probably the only way to make this happen.

https://github.com/aws/aws-cli/issues/3447

Answer 2

4/21/2021: Take a look at the AWS SSO documentation. There is now an API to manage permission sets and assigning them to users: https://docs.aws.amazon.com/singlesignon/latest/APIReference/welcome.html

Here's the blog on this feature that supports this API: https://aws.amazon.com/blogs/security/use-new-account-assignment-apis-for-aws-sso-to-automate-multi-account-access/:

"AWS SSO recently added new account assignment APIs and AWS CloudFormation support to automate access assignment across AWS Organizations accounts. This release addressed feedback from our customers with multi-account environments who wanted to adopt AWS SSO, but faced challenges related to managing AWS account permissions. To automate the previously manual process and save your administration time, you can now use the new AWS SSO account assignment APIs, or AWS CloudFormation templates, to programmatically manage AWS account permission sets in multi-account environments.

With AWS SSO account assignment APIs, you can now build your automation that will assign access for your users and groups to AWS accounts. You can also gain insights into who has access to which permission sets in which accounts across your entire AWS Organizations structure."

Answer 3

I would like to share this tool that I did using docker. https://hub.docker.com/r/javiortizmol/aws_sso_magic

The image contains:

1. aws cli v2.
2. Python 3.9.
3. aws-sso-magic

Or just install it from pypi.org https://pypi.org/project/aws-sso-magic/