
I have configured AWS SSO to use Google as an IdP. It's working fine.

However, since I have multiple Google accounts, I often have to go through the multiple-login 'chooser'.

When accessing Google services I can use a bookmark/URL like this to jump past the multiple-login page:

https://mail.google.com/mail/?authuser=user@domain1.com
https://mail.google.com/mail/?authuser=an-other-user@domain1.com
https://mail.google.com/mail/?authuser=user@domain2.com

Is there an equivalent for the AWS SSO start URL?

e.g.

In .aws/config I have something like this:

[profile admin]
sso_start_url = https://XXXXX.awsapps.com/start
sso_account_id = XXXXX
sso_role_name = AdministratorAccess

What can I add to the sso_start_url such that it is passed to the Google IdP during the SSO handshake? Each AWS account is associated with a single Google identity, so I should never need to choose a Google account for a given AWS CLI profile.

I've tried:

# This has no effect
sso_start_url = https://XXXXX.awsapps.com/start?authuser=user@domain1.com

# OIDC seems to support login_hint, but this has no effect
sso_start_url = https://XXXXX.awsapps.com/start?login_hint=user@domain1.com

Perhaps some configuration is required on the AWS or Google end to support this?

sw1nn

0 Answers