Log in to the AWS Management Console using the credentials of the AWS Organization master account.
Open the AWS SSO Console.
Choose the Enable AWS SSO option.
AWS SSO’s Single Sign-On feature provides a default repository for storing Users and Groups. If you opt to host them in AWS SSO, the process involves:
Creating a User and Group.
Adding the User as a Group member.
Specifying Groups with the desired level of access to AWS accounts and applications.