Configure your ~/.aws/config like this:
[profile profile1]
sso_start_url = https://yourcompany.awsapps.com/start/
sso_region = eu-central-1
sso_account_id = xxxxxxxxxxxx
sso_role_name = devops-admin
region = eu-europe-1
output = json
Now, login using the following command:
aws sso login --profile profile1
When the web browser popup, choose Allow and go back to the shell. After that, issue new commands like this:
aws s3 ls --profile=profile1
Now, to be able to stop using --profile parameter every time, export the AWS_PROFILE variable:
<code>export AWS_PROFILE=<span style="background-color: initial; font-family: inherit; font-size: inherit; color: var(--ast-global-color-3);">profile1</span></code>
To logout:
aws sso logout
If you find the error bellow, run aws sso login again:
Error loading SSO Token: The SSO access token has either expired or is otherwise invalid.
More info: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
