Skip to content

Add identitystore CLI to check for active sessions and terminate sessions and disable SSO users #9954

New issue
New issue
Open
Open
Add identitystore CLI to check for active sessions and terminate sessions and disable SSO users#9954
Labels
feature-requestA feature should be added or improved.needs-triageThis issue or PR still needs to be triaged.
@jspiegelbe

Description

@jspiegelbe
jspiegelbe
opened on Dec 29, 2025

Describe the feature

Add cli options to identitystore to check for active sessions for SSO users, to terminate those sessions and disable those SSO users. This is the equivalent of going to Identity Center>Users, selecting the corresponding user, clicking the Active Sessions tab, selecting the active session and clicking 'End Sessions' or 'Disable User Access'.

Use Case

Account hijacking. We want to automate the response where there has been a suspected case of account hijacking by both disabling the sso user and terminating any active sessions. Currently there is no cli option for either.

Proposed Solution

No response

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

CLI version used

aws-cli/2.30.0 Python/3.13.7 Windows/11 exe/AMD64

Environment details (OS name and version, etc.)

Microsoft Windows NT 10.0.26100.0

Metadata

Metadata

Assignees

No one assigned

    Labels

    feature-requestA feature should be added or improved.needs-triageThis issue or PR still needs to be triaged.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions