Create an external identity provider in AWS IAM/Access management/identity_providers/
create a SAML type identity_providers
Set up an external identity provider in AWS AWS SSO/Settings
Configure SAML SSO in your own identity provider Create AWS IAM role Access Management/SAML 2.0 Federation
set the provider you created above as the SAML provider. Select Allow programmatic and AWS Management Console access.
On the Attach Permission Policies page, select the appropriate policies to attach to the role.