AWS Tools for Windows PowerShell
Command Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Synopsis

Creates or updates a profile with the configuration values required to use AWS SSO.

Syntax

Initialize-AWSSSOConfiguration
-SessionName <String>
-AccountId <String>
-RoleName <String>
-StartUrl <String>
-SSORegion <String>
-RegistrationScopes <String[]>

Description

The Initialize-AWSSSOConfiguration cmdlet creates or updates a profile with the configuration values required to use AWS IAM Identity Center for single sign-on (SSO). The configuration is saved in the shared configuration file '~/.aws/config'. When any of the following parameters are omitted, the cmdlet prompts for their values interactively: ProfileName, SessionName, AccountId, RoleName, StartUrl, and SSORegion. When profile configuration is complete, login flow is automatically initiated by calling the Invoke-AWSSSOLogin cmdlet.

Parameters

-AccountId <String>
Identifier for the AWS account that is assigned to the user.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-RegistrationScopes <String[]>
List of scopes to be authorized for the SSO session. Scopes authorize access to IAM Identity Center bearer token authorized endpoints. Default value is sso:account:access.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-RoleName <String>
Name of the IAM Identity Center permission set that is assigned to the user.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-SessionName <String>
Name of an sso-session section of the configuration file that is used to group configuration variables for acquiring SSO access tokens, which can then be used to acquire AWS credentials.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-SSORegion <String>
AWS Region that contains the AWS access portal host. This is separate from, and can be a different Region than, the profile region parameter.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-StartUrl <String>
URL that points to the organization's AWS access portal.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)

Common Credential and Region Parameters

-ProfileName <String>
Name of the profile that will be saved in the shared configuration file '~/.aws/config'.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)
-Region <String>
System name of an AWS Region that will be set for a specified profile.
Required?False
Position?Named
Accept pipeline input?True (ByPropertyName)

Outputs

None
This cmdlet does not generate any output.

Examples

Example 1

Initialize-AWSSSOConfiguration
Interactively prompts for the configuration values required to create a profile.

Example 2

$params = @{
ProfileName = 'sso-test-profile'
AccountId = '012345678901'
RoleName = 'ReadOnlyAccess'
SessionName = 'sso-session-d-xxxxxxxxxx'
StartUrl = 'https://d-xxxxxxxxxx.awsapps.com/start'
SSORegion = 'us-east-1'
};
Initialize-AWSSSOConfiguration @params
Creates a profile 'sso-test-profile' with the configuration values and then initiates SSO login flow.

Supported Version

AWS Tools for PowerShell: 2.x.y.z