Blog

How to view AWS accounts attached to IAM Identity Center (SSO) groups

Tibor Hercz

Updated April 30, 2025

1 minute

GitHub Source: aws-iam-identity-center-explorer

The AWS IAM Identity Center (Successor to AWS Single Sign-On) web console can be hard to navigate when trying to view the AWS accounts attached to an AWS IAM Identity Center (Successor to AWS Single Sign-On) group. This involves a lot of going back and forth between pages to get this seemingly simple information. Having done this multiple times and wasting an equal amount of time. I took the time to create a simple Go tool aws-iam-identity-center-explorer making use of the AWS SDK to retrieve this information and output it in a JSON structure.

More information about the aws-iam-identity-center-explorer can be found in the GitHub repository

The aws-iam-identity-center-explorer has two data representation options:

Groups

Accounts attached to groups:

{
  "GROUP_DISPLAY_NAME": [
    {
      "AccountName": "ACCOUNT_NAME",
      "AccountId": "ACCOUNT_ID"
    },
    {
      "AccountName": "ACCOUNT_NAME",
      "AccountId": "ACCOUNT_ID"
    }
  ]
}

Accounts

Groups attached to accounts

{
  "ACCOUNT_ID": {
    "AccountName": "ACCOUNT_NAME",
    "Groups": [
      "GROUP_DISPLAY_NAME",
      "GROUP_DISPLAY_NAME"
    ]
  }
}

Tags:

Cloud

Written by

Tibor Hercz

Tibor is a Cloud Consultant specialized in AWS with a strong background in Software engineering and has a passion for Compute, Networking and Security. His goal is to create simple Cloud Solutions that increases the efficiency and overall happiness of the teams and business. Sharing knowledge is important to him, so you will see him blogging and sharing knowledge about solutions he has built.

Our Ideas