Introducing AWS SSO support in the AWS Toolkit for VS Code
With the latest release, you can get connected with AWS SSO in the AWS Toolkit for VS Code. To get started you will need the following prerequisites: Configured single sign-on by enabling AWS SSO, managing your identity source, and assigning SSO access to AWS accounts. For more, information see Using AWS SSO Credentials docs as well.
You will also need to create a profile. You can either manually create a profile like the example below in your credentials or config file or simply run
aws configure sso.
Example of a named profile in credentials file:
# URL pointing to the organization's SSO user portal.
sso_start_url = https://my-sso-portal.awsapps.com/start
#AWS Region that contains the SSO portal host. Can be different than the default region parameter.
sso_region = us-east-1
#AWS account ID that contains the IAM role with the permission that you want to grant to the associated AWS SSO user.
sso_account_id = 123456789011
#Specifies the name of the IAM role that defines the user's permissions when using this profile to get credentials through AWS SSO.
sso_role_name = readOnly
#[OPTIONAL] IAM Specifies the AWS Region that contains the AWS SSO portal host. This is separate from and can be a different AWS Region than that specified by the default region parameter.
region = us-west-2
To log in, run the AWS: Connect to AWS command from the command palette or from the AWS Explorer menu and choose the profile you configured with the above properties. Your default browser will launch and bring you to the portal you assigned in the sso_start_url property.
Once you complete the authorization, VS Code will be granted temporary credentials. Simply return to VS Code and you should observe you now have access to the resources of the role given by the sso_role_name property. If you exit the IDE or the credentials expire, you will need to log in again.
In this post we overviewed connecting with your AWS SSO roles in the AWS Toolkit for VS Code IDE. Install the Toolkit to try these features and check out the user guide to learn more. The AWS Toolkit for VS Code is an open source project, so please share your feedback and feature request issues on GitHub or via the built-in feedback tool in the IDE plugin.