AWS Single Sign-On is a cloud-based single sign-on (SSO) service that makes it easy to centrally manage SSO access to AWS resources.
You do not need to specify any user credentials explicitly in DBeaver connections configuration. All authorization is performed in a web browser in a 3rd party SSO provider, e.g. Google workspace, Microsoft AD portal, Facebook, etc.
You need to install AWS CLI (Command Line Interface) utilities to enable SSO authorization.
AWS CLI installation
AWS CLI version 2.2 is recommended.
AWS SSO configuration
If you are in a corporate environment where all AWS configurations are provided by system administrators then you do not need to configure SSO parameters.
Otherwise you need to open the command shell (win+R), enter
aws configure sso, press enter and provide the required parameters.
Read configuration instructions for the details.
Restart DBeaver after the AWS CLI SSO configuration will be finished.
In the DBeaver database connection dialog you need to:
- Set Authentication to
- Set Credentials to
- Choose the profile which was configured with AWS SSO (see previous chapter).
- Click on
Now you can connect. DBeaver will open a web browser with SSO authorization.