Differences

This shows you the differences between two versions of the page.

--- cloud:aws:iam [2023/10/20 11:50] – skipidar
+++ cloud:aws:iam [2023/11/01 07:13] (current) – ↷ Page moved from business_process_management:camunda:cloud:aws:iam to cloud:aws:iam skipidar
@@ Line 36: / Line 36: @@
 where you can pick the "myssoportal" freely.
+=== SSO from a CMD / Shell ===
 When the setup is done \\
@@ Line 63: / Line 65: @@
 From where you can approve the request:
-{{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/gdnlKAhViU.png}}
+{{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/gdnlKAhViU.png?550x250}}
 Dont forget to log out:
@@ Line 72: / Line 74: @@
+=== SSO to AWS management console ===
 To SSO into the AWS console - your also can navigate directly to \\
@@ Line 80: / Line 83: @@
-== Setting it up ==
+==== Setting up SSO via "identity portal" ====
 As in https://medium.com/@pushkarjoshi0410/how-to-set-up-aws-cli-with-aws-single-sign-on-sso-acf4dd88e056
@@ Line 136: / Line 139: @@
 sso_account_id = 36********63
 output = json
-sso_session = mysso
 sso_role_name = Admin-NoIAM-NoBilling
 </code>
+== Provisioning the permission sets ==
+Newly defined permission sets remain in the "not provisioned" state.
+{{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/FCrkJqPZXz.png?475x141}}
+To become available anywhere - they must be explicitly assigned to an account.
+{{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/INbUFPxaxf.png?475x141}}
+{{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/0sSljOCYoC.png?475x141}}
+{{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/kx8vD6eKyB.png?475x141}}
+Only then the permission sets become "provisioned"
+{{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/d8Eub00GLN.png?475x141}}