SSOAdmin / Client / create_instance



Creates an instance of IAM Identity Center for a standalone Amazon Web Services account that is not managed by Organizations or a member Amazon Web Services account in an organization. You can create only one instance per account and across all Amazon Web Services Regions.

The CreateInstance request is rejected if the following apply:

  • The instance is created within the organization management account.

  • An instance already exists in the same account.

See also: AWS API Documentation

Request Syntax

response = client.create_instance(
            'Key': 'string',
            'Value': 'string'
  • ClientToken (string) –

    Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.

    If you don’t provide this value, then Amazon Web Services generates a random one for you.

    If you retry the operation with the same ClientToken, but with different parameters, the retry fails with an IdempotentParameterMismatch error.

    This field is autopopulated if not provided.

  • Name (string) – The name of the instance of IAM Identity Center.

  • Tags (list) –

    Specifies tags to be attached to the instance of IAM Identity Center.

    • (dict) –

      A set of key-value pairs that are used to manage the resource. Tags can only be applied to permission sets and cannot be applied to corresponding roles that IAM Identity Center creates in Amazon Web Services accounts.

      • Key (string) – [REQUIRED]

        The key for the tag.

      • Value (string) – [REQUIRED]

        The value of the tag.

Return type:



Response Syntax

    'InstanceArn': 'string'

Response Structure


  • SSOAdmin.Client.exceptions.ServiceQuotaExceededException

  • SSOAdmin.Client.exceptions.ThrottlingException

  • SSOAdmin.Client.exceptions.InternalServerException

  • SSOAdmin.Client.exceptions.AccessDeniedException

  • SSOAdmin.Client.exceptions.ValidationException

  • SSOAdmin.Client.exceptions.ConflictException