sso_account_id - AWS SDKs and Tools Shared Configuration and Credentials


Specifies the AWS account ID that contains the IAM role with the permission that you want to grant to the associated AWS Single Sign-On (AWS SSO) user.


When the AWS SSO settings are specified in a profile, the SDK or tool connects to the AWS SSO portal specified in sso_start_url and sso_region. After the user successfully authenticates with AWS SSO, the portal returns short-term credentials for the IAM role specified by the sso_account_id and sso_role_name.

Default value: None. You must set this value explicitly if you want to use AWS SSO.

Valid values: Must be a valid AWS account ID number.

If you set this value, you must also set sso_region, sso_role_name, and sso_start_url in the same profile.

Ways to set this value

Location Supported Example
config file Yes
sso_account_id = 123456789012 sso_start_url = sso_region = us-east-1 sso_role_name = SSOReadOnlyRole
credentials file -
Environment variable -
CLI parameter -

Compatibility with AWS SDKS and Tools