Is there a reason to setup user syncing? I was able to setup SSO without the user syncing: but it only works if I visit the SSO url from inside gsuite (The URL looks something like accounts.google.com/o/saml2/initss...) but the URL for AWS (XYZ.awsapps.com/start) does not work at all. The "accounts.google.com" url works great (and lets me log into AWS with the right role) but the "awsapps.com" URL lets me log in but eventually I see "app_not_configured_for_user". Is this because I did not setup user syncing?
if you don’t you need to manually add users in the AWS SSO users and groups section
That wasn't true. I was able to sign in without manually adding any users. I just had to use the URL from gsuite and not the one from AWS, so it was unclear what the user sync does.
The user sync populates the users and groups in AWS SSO so that you can then assign AWS accounts and permission sets.
I’ll have to try it again but when I put this together when I had no users defined, when I logged in via g-suite I would get a blank screen with an error about no assigned resources.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Is there a reason to setup user syncing? I was able to setup SSO without the user syncing: but it only works if I visit the SSO url from inside gsuite (The URL looks something like accounts.google.com/o/saml2/initss...) but the URL for AWS (XYZ.awsapps.com/start) does not work at all. The "accounts.google.com" url works great (and lets me log into AWS with the right role) but the "awsapps.com" URL lets me log in but eventually I see "app_not_configured_for_user". Is this because I did not setup user syncing?
That error is because you have not setup a user in AWS SSO that matches the id you have logged in as.
You don’t need syncing but if you don’t you need to manually add users in the AWS SSO users and groups section.
Thanks for the reply.
That wasn't true. I was able to sign in without manually adding any users. I just had to use the URL from gsuite and not the one from AWS, so it was unclear what the user sync does.
The user sync populates the users and groups in AWS SSO so that you can then assign AWS accounts and permission sets.
I’ll have to try it again but when I put this together when I had no users defined, when I logged in via g-suite I would get a blank screen with an error about no assigned resources.