Single Sign-On (SSO) in AWS, now called AWS IAM Identity Center, is a centralized authentication service that allows users to access multiple AWS accounts and cloud applications with a single login. Instead of managing separate credentials for each AWS account or service
Benefit | Description |
---|---|
🔒 No long-lived keys | Uses secure, temporary credentials |
🔐 Centralized access | Manage CLI access from Identity Center |
🔄 Auto-rotating | No need to manually rotate secrets |
🧑‍🤝‍🧑 Multiple account/role support | Easily switch between multiple AWS accounts/roles |
📋 Audit-ready | CLI sessions appear in CloudTrail for compliance |
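
To check the "no long-lived keys" benefit on a workstation, the added example below (not from the original page) classifies the profiles in AWS shared config text by how they obtain credentials. The sample content, profile names and the `classify_profiles` and `long_lived_profiles` helpers are assumptions made for illustration; the `AKIA` (long-term) and `ASIA` (temporary) access key ID prefixes and the `sso_*` settings are standard AWS conventions.

```python
import configparser

# Constructed ~/.aws/credentials + ~/.aws/config content; all values are placeholders.
SAMPLE = """
[legacy-ci]
aws_access_key_id = AKIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructed-placeholder-secret
[cached-session]
aws_access_key_id = ASIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructed-placeholder-secret
aws_session_token = constructed-placeholder-token
[sso-session corp]
sso_start_url = https://example.awsapps.com/start
sso_region = us-east-1
[profile dev-admin]
sso_session = corp
sso_account_id = 111122223333
sso_role_name = AdministratorAccess
[profile broken]
sso_session = missing
"""

def classify_profiles(text):
    """Map each profile name to how it obtains credentials."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    sessions = {s.split(None, 1)[1] for s in cp.sections() if s.startswith("sso-session ")}
    findings = {}
    for section in cp.sections():
        if section.startswith("sso-session "):
            continue  # shared session block, not a profile
        name = section.split(None, 1)[1] if section.startswith("profile ") else section
        opts = cp[section]
        key_id = opts.get("aws_access_key_id", "")
        if key_id.startswith("AKIA"):      # long-term IAM user access key
            findings[name] = "long-lived-key"
        elif key_id.startswith("ASIA"):    # temporary STS credentials
            findings[name] = "temporary-key"
        elif "sso_session" in opts:        # must point at a defined sso-session block
            ok = opts["sso_session"] in sessions
            findings[name] = "identity-center" if ok else "undefined-sso-session"
        elif "sso_start_url" in opts:      # legacy inline SSO profile
            findings[name] = "identity-center"
        else:
            findings[name] = "other"
    return findings

def long_lived_profiles(text):
    return sorted(n for n, f in classify_profiles(text).items() if f == "long-lived-key")
```

Profiles reported as `long-lived-key` are the ones to migrate to Identity Center and whose keys should then be deactivated in IAM.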