How can I resolve the IAM Identity Center error message "This permission set is currently provisioned in xx AWS accounts"?
Last updated: 2022-02-01
I tried to delete the AWS IAM Identity Center (successor to AWS Single Sign-On) permission set and received an error similar to the following:
"This permission set is currently provisioned in xx AWS accounts".
To delete the permission set, you must first remove it from the AWS account that it's provisioned for.
- Open the IAM Identity Center console, and then in the navigation pane choose AWS accounts.
- In AWS Accounts, choose the AWS organization tab.
- Choose the AWS account that is associated with the permission set that you want to delete.
- Expand Permission sets, and then choose the permission set that you want to remove.
- In the Remove permission set dialog box, choose Remove access.
- If you have multiple AWS accounts associated with the permission set, repeat steps 3-5.
- Choose AWS Accounts in the navigation pane.
- Choose the Permissions sets tab, choose the permission set, and then choose Delete.
The permission set is now deleted. For more information, see Delete permission sets.