security
Fixing AWS SSO if you accidentally deleted SSO identity provider
Tutorial: what to do if you accidentally deleted the *_DO_NOT_DELETE identity provider from an org account which is used by AWS SSO

Yevgeny Pats • May 16, 2022
In this short tutorial we will go through what to do if you accidentally deleted the `AWSSSO_asd123456678_DO_NOT_DELETE` identity provider from an org account which is used by AWS SSO (see our previous blog post on setting up AWS SSO with Google Workspace). Deleting the `AWSSSO_1233424_DO_NOT_DELETE` identity provider will prevent you from accessing the account via the AWS SSO screen.
Regaining Access
- If you deleted the identity provider in your root account, where your AWS SSO is managed, you will need to log in with the root account.
- Once you are in the AWS SSO dashboard, click "AWS accounts".

- Click on the account that you’ve deleted access to.

- Remove access for all existing users and groups by clicking on them and then clicking the "remove access" button.
- Add all users back by clicking the "assign users or groups" button.
- Voilà! Now you should be back in business.
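The same remove-then-re-add sequence can be scripted against the `sso-admin` API, which also records who had access before anything is removed. This is an added example, not code from the original post; it assumes `sso` is a boto3 `sso-admin` client and that these API calls have the same effect as the console buttons in the steps above.

```python
import time

# Assumption: `sso` is boto3.client("sso-admin"); instance ARN and account ID are supplied by you.

def _pages(call, key, **kwargs):
    """Yield items from a NextToken-paginated sso-admin list call."""
    while True:
        resp = call(**kwargs)
        yield from resp.get(key, [])
        if not resp.get("NextToken"):
            return
        kwargs["NextToken"] = resp["NextToken"]

def snapshot_assignments(sso, instance_arn, account_id):
    """Record every (permission set, principal type, principal id) on the account."""
    found = []
    for ps in _pages(sso.list_permission_sets_provisioned_to_account, "PermissionSets",
                     InstanceArn=instance_arn, AccountId=account_id):
        for a in _pages(sso.list_account_assignments, "AccountAssignments",
                        InstanceArn=instance_arn, AccountId=account_id, PermissionSetArn=ps):
            found.append((ps, a["PrincipalType"], a["PrincipalId"]))
    return found

def _wait(describe, id_param, key, instance_arn, status, delay):
    """Poll an asynchronous assignment request until it leaves IN_PROGRESS."""
    while status["Status"] == "IN_PROGRESS":
        time.sleep(delay)
        status = describe(InstanceArn=instance_arn, **{id_param: status["RequestId"]})[key]
    if status["Status"] != "SUCCEEDED":
        raise RuntimeError(f"{key}: {status.get('FailureReason', status['Status'])}")

def reassign_all(sso, instance_arn, account_id, delay=2.0):
    """Remove every assignment on the account, then add the same ones back."""
    saved = snapshot_assignments(sso, instance_arn, account_id)  # snapshot before deleting
    for word, op, describe in (
        ("Deletion", sso.delete_account_assignment,
         sso.describe_account_assignment_deletion_status),
        ("Creation", sso.create_account_assignment,
         sso.describe_account_assignment_creation_status),
    ):
        for ps, ptype, pid in saved:
            key = f"AccountAssignment{word}Status"
            status = op(InstanceArn=instance_arn, TargetId=account_id,
                        TargetType="AWS_ACCOUNT", PermissionSetArn=ps,
                        PrincipalType=ptype, PrincipalId=pid)[key]
            _wait(describe, f"AccountAssignment{word}RequestId", key,
                  instance_arn, status, delay)
    return saved
```

Run it with credentials that do not depend on the assignments being removed, and keep the returned list until every assignment has been recreated.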