I am trying to get a federated user access to AWS API using PowerShell. (Link provided below)
AWS is properly configured to work with AD. (It works for a bunch of my colleagues.)
I am using a PowerShell script to access the AWS APIs.
The problem occurs when I try to run the command Set-AWSSamlRoleProfile.
Error:
C:\Windows\system32> Set-AWSSamlRoleProfile -EndpointName $EndpointName -PrincipalARN $PrincipalARN -RoleARN $RoleARN -StoreAs 'SAMLUser' > $null
Set-AWSSamlRoleProfile : Unable to set credentials: "choices" should have at least one element.
At line:1 char:1
+ Set-AWSSamlRoleProfile -EndpointName $EndpointName -PrincipalARN $Pri ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (Amazon.PowerShe...leProfileCmdlet:SetSamlRoleProfileCmdlet) [Set-AWSSamlRoleProfile], ArgumentException
+ FullyQualifiedErrorId : ArgumentException,Amazon.PowerShell.Common.SetSamlRoleProfileCmdlet
Any help or guidance appreciated.
In my case, the issue was that the user (me) was not part of the group in AD.
Hope it helps someone else.