Logging in with SSO via AWS CLI

This is mostly a reminder for myself on how to use the service account user I set up in AWS to access resources via the AWS CLI.

1. Set up your user according to the steps listed here: Configure user access with the default IAM Identity Center directory
2. Once you've got the user, make sure to save their unique URL to login to.
3. To login, use the above link to login.
4. Under the AWS Access Portal > AWS Accounts, find the user, and select Access Keys.
5. From here, copy the SSO Start URL, and the SSO Region.
6. Use aws configure SSO, and set the name and details from above.

Once your profile is saved, all the login details for that will be saved to your machine.

To login with this profile, use the command aws sso login --profile your-profile-name. It should open a browser page where it will authenticate you and give you a successful message.

You can also use aws sts get-caller-identity to then verify that you're logged in.

The session duration will depend on the expiration set in the permission set within the AWS console.