sso_region - AWS SDKs and Tools


Specifies the AWS Region that contains the AWS Single Sign-On (AWS SSO) portal host. This is separate from and can be a different AWS Region than that specified by the default region parameter.


When the AWS SSO settings are specified in a profile, the SDK or tool connects to the AWS SSO portal specified in sso_start_url and sso_region. After the user successfully authenticates with AWS SSO, the portal returns short-term credentials for the IAM role specified by the sso_account_id and sso_role_name.

Default value: None. You must set this value explicitly if you want to use AWS SSO.

Valid values: This value must be a valid code for an AWS Region. For example, us-west-2.

For a complete list of the AWS Regions and their codes, see Regional Endpoints in the Amazon Web Services General Reference.

If you set this value, you must also set sso_account_id, sso_role_name, and sso_start_url in the same profile.

Ways to set this value

Location Supported Example
config file Yes
sso_region = us-east-1 sso_account_id = 123456789012 sso_start_url = sso_role_name = SSOReadOnlyRole
credentials file -
Environment variable -
AWS CLI parameter -

Compatibility with AWS SDKS and tools