Using Google Apps as an identity provider for AWS to provision SSO / single-sign-on… see link at the bottom of this page.
Not for the “faint of heart” but I’ve seen worse.
This post below looks like it is being updated to include new requirements / process on both side GoogleApps and AWS – in other words at the time of writing this post – May 2021 – the instructions in theĀ link below were valid and current.
You do have to have a privileged account on both sides (Google Apps Admin, and AWS AdministratorAccess AWS Managed Policy) to set this up.
I followed the instructions on the link below closely and had a Single Sign-On to AWS working using a Google Apps User credentials within about 20 to 30 minutes.
https://aws.amazon.com/blogs/security/how-to-use-g-suite-as-external-identity-provider-aws-sso/