AWS IAM Identity Center (AWS Single Sign-On, SSO) lets you centrally manage user access across multiple AWS accounts and applications. Here’s a simple, human-friendly guide to getting it up and running.


Step 1: Sign in to AWS and Open IAM Identity Center

  1. Go to the AWS Management Console and log in with an account that has admin privileges.
  2. In the search bar, type "IAM Identity Center" and click on it.

Step 2: Enable IAM Identity Center

  1. If this is your first time using Identity Center, you’ll see an “Enable IAM Identity Center” button. Click it.
  2. AWS will set it up for you in the default AWS Region (you can change this later).

Step 3: Configure Your Identity Source

You need to decide where your users' login information will come from. AWS gives you three options:

AWS IAM Identity Center directory (Default) – Ideal for small teams. You create users inside AWS.

Active Directory – Connects to Microsoft AD for larger enterprises.

External Identity Provider (IdP) – Uses services like Okta, Google Workspace, or Azure AD.

For a quick setup, choose AWS IAM Identity Center directory and click Next.


Step 4: Create Users and Groups

Now, let’s add people who will access AWS through Identity Center.

A. Add Users