79733062

Date: 2025-08-12 11:15:06
Score: 0.5

I got the same issue. You might delete a user, and create a new one.

In this case, the following command shows an error.

```bash
# $user_email must already be set to the new user's e-mail address.
response=$(aws sso-admin list-instances)
ssoId=$(echo "$response" | jq '.Instances[0].IdentityStoreId' -r)
ssoArn=$(echo "$response" | jq '.Instances[0].InstanceArn' -r)
email_json=$(jq -n --arg email "$user_email" '{"Type":"Work","Value":$email}')

# Create the user in the identity store.
response=$(aws identitystore create-user --identity-store-id "$ssoId" \
  --user-name amplify-admin --display-name 'Amplify Admin' \
  --name Formatted=string,FamilyName=Admin,GivenName=Amplify \
  --emails "$email_json")
userId=$(echo "$response" | jq '.UserId' -r)

# Create the permission set and attach the managed policy to it.
response=$(aws sso-admin create-permission-set --name amplify-policy \
  --instance-arn="$ssoArn" --session-duration PT12H)
permissionSetArn=$(echo "$response" | jq '.PermissionSet.PermissionSetArn' -r)
aws sso-admin attach-managed-policy-to-permission-set --instance-arn "$ssoArn" \
  --permission-set-arn "$permissionSetArn" \
  --managed-policy-arn arn:aws:iam::aws:policy/service-role/AmplifyBackendDeployFullAccess

# Assign the permission set to the user in the current account.
accountId=$(aws sts get-caller-identity | jq '.Account' -r)
aws sso-admin create-account-assignment --instance-arn "$ssoArn" \
  --target-id "$accountId" --target-type AWS_ACCOUNT \
  --permission-set-arn "$permissionSetArn" \
  --principal-type USER --principal-id "$userId"
# Hit enter
```

This is due to duplicated "Permission sets".

If you delete the permission set, amplify-policy, and re-generate the resources correctly, it will work well.

Reasons:
  • Long answer (-1):
  • No code block (0.5):
  • Low reputation (1):
Posted by: user31260619
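
An added example, not part of the original answer: a check for an already existing `amplify-policy` permission set before `create-permission-set` is run, so a re-run of the setup does not stop on the duplicate. The function names `find_permission_set_arn` and `ensure_permission_set` are hypothetical; the script uses only the AWS CLI's own `--query` and `--output` options.

```shell
# Added example: look up a permission set by name before creating it.
# Function names are hypothetical; only the AWS CLI is required (no jq).

# Print the ARN of the permission set named $2 in instance $1.
# Prints nothing and returns 1 when no permission set has that name.
find_permission_set_arn() {
  local instance_arn wanted arn name
  instance_arn=$1
  wanted=$2
  for arn in $(aws sso-admin list-permission-sets \
                 --instance-arn "$instance_arn" \
                 --query 'PermissionSets[]' --output text); do
    # list-permission-sets returns ARNs only, so resolve each name.
    name=$(aws sso-admin describe-permission-set \
             --instance-arn "$instance_arn" --permission-set-arn "$arn" \
             --query 'PermissionSet.Name' --output text)
    if [ "$name" = "$wanted" ]; then
      printf '%s\n' "$arn"
      return 0
    fi
  done
  return 1
}

# Print the ARN of permission set $2, creating it only when it is missing.
ensure_permission_set() {
  local instance_arn name arn
  instance_arn=$1
  name=$2
  if arn=$(find_permission_set_arn "$instance_arn" "$name"); then
    echo "permission set $name already exists, reusing it" >&2
  else
    arn=$(aws sso-admin create-permission-set --name "$name" \
            --instance-arn "$instance_arn" --session-duration PT12H \
            --query 'PermissionSet.PermissionSetArn' --output text)
  fi
  printf '%s\n' "$arn"
}
```

With these defined, `permissionSetArn=$(ensure_permission_set "$ssoArn" amplify-policy)` can stand in for the `create-permission-set` step; review the policies attached to a reused permission set before assigning it.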