awslabs / ssosync

Populate AWS SSO directly with your G Suite users and groups using either a CLI or AWS Lambda
Apache License 2.0
512 stars, 175 forks

Allow external members in groups to be users in IAM Identity Center? #177

Closed. nandubatchu closed this 5 months ago

nandubatchu commented 5 months ago

Is your feature request related to a problem? Please describe. As I have added Google Workspace SSO as the identity provider for my AWS Identity setup, I need to add users only via Google Workspace. How can I manage access for external users (who are not part of my Google Workspace as users, but can be included in groups)?

Describe the solution you'd like. I would like to create AWS Identity users for some of the external members (which belong to a different domain) that are under a group in my Google Workspace.


ChrisPates commented 5 months ago

Sadly this is not possible because external user access in Google is based on Identity-Aware Proxy; however, this does not have the ability to act as a SAMLv2 identity provider, so it can't be used for federated access via AWS IAM Identity Center. For this reason, external members of groups in the Google Directory are intentionally ignored.
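The behaviour described in the reply above (external group members are skipped rather than provisioned) is the kind of domain filter a practitioner would want to apply when building their own sync step. The following Go snippet is an added example written for this page; it is not ssosync's own code and makes no use of its types. It assumes a simplified member record (email address plus the Google member type) and a caller-supplied list of verified Workspace domains; it partitions a constructed member list into sync candidates and skipped externals, treating nested groups and addresses outside the listed domains as non-candidates.

```go
package main

import (
	"fmt"
	"strings"
)

// Member is a simplified view of a Google Directory group member.
// The shape is an assumption for this example, not the Admin SDK type.
type Member struct {
	Email string
	Type  string // "USER", "GROUP", "CUSTOMER" or "EXTERNAL" as reported by the directory
}

// SplitByDomain partitions members into sync candidates (direct USER members whose
// address belongs to one of the Workspace domains) and everything else, which a
// SAML-based federation cannot provision and is therefore skipped.
// Domain matching is exact and case-insensitive: secondary domains and aliases
// must be listed explicitly, otherwise their users are treated as external.
func SplitByDomain(members []Member, domains []string) (internal, external []Member) {
	allowed := make(map[string]bool, len(domains))
	for _, d := range domains {
		allowed[strings.ToLower(strings.TrimSpace(d))] = true
	}
	for _, m := range members {
		at := strings.LastIndex(m.Email, "@")
		if at < 0 || m.Type != "USER" {
			// Malformed address, nested group, or non-user member: never a candidate.
			external = append(external, m)
			continue
		}
		domain := strings.ToLower(m.Email[at+1:])
		if allowed[domain] {
			internal = append(internal, m)
		} else {
			external = append(external, m)
		}
	}
	return internal, external
}

// SampleMembers returns a constructed group membership for demonstration only.
func SampleMembers() []Member {
	return []Member{
		{Email: "alice@example.com", Type: "USER"},
		{Email: "Bob@Example.COM", Type: "USER"},          // same domain, mixed case
		{Email: "contractor@partner.test", Type: "USER"},  // external domain: skipped
		{Email: "platform-team@example.com", Type: "GROUP"}, // nested group: skipped
	}
}

func main() {
	in, ex := SplitByDomain(SampleMembers(), []string{"example.com"})
	for _, m := range in {
		fmt.Printf("sync:  %s\n", m.Email)
	}
	for _, m := range ex {
		fmt.Printf("skip:  %s (%s)\n", m.Email, m.Type)
	}
}
```

Logging the skipped entries, as the example does, is the practical takeaway: when a group looks short in IAM Identity Center, the audit trail of what was filtered out explains the gap without having to re-read the directory.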