The Amazon Web Services (AWS) Account Federation application provisioning settings are removed after a Lifecycle Management (LCM) trial subscription expires.
- AWS Account Federation
- Lifecycle Management (LCM)
The AWS Account Federation application has a provisioning feature that functions without the Lifecycle Management (LCM) SKU.
According to "Configure the Amazon Web Services Account Federation app in Okta", the Amazon Web Services (AWS) app integration does not support provisioning. The setup under the Provisioning tab is required to give Okta API access so that it can download the list of AWS roles to assign during user assignment. It allows multiple roles to be assigned to users and passes those roles in the SAML assertion.
When the trial Lifecycle Management (LCM) SKU is enabled and then expires, the AWS Account Federation API (Application Programming Interface) integration becomes disabled, and the provisioning settings are removed.
This behavior is expected because removing the license subscription wipes all provisioning settings from all application instances.
However, due to the special nature of the AWS Account Federation application, the provisioning settings can still be enabled to assist with the SAML (Security Assertion Markup Language) single sign-on (SSO) feature.
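To confirm which roles a sign-on actually carries after the provisioning settings are re-enabled, the assertion can be inspected directly. The following is an added example, not code from Okta or AWS: it assumes the AWS SAML `Role` attribute format (a role ARN and a SAML provider ARN separated by a comma), and the sample assertion, account ID and role names are constructed. It does not verify the assertion signature.

```python
import base64
import xml.etree.ElementTree as ET

ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
ROLE_ATTR = "https://aws.amazon.com/SAML/Attributes/Role"

# Constructed sample: two roles assigned to one user, as a multi-role assignment would produce.
SAMPLE_ASSERTION = """<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml2:AttributeStatement>
    <saml2:Attribute Name="https://aws.amazon.com/SAML/Attributes/Role">
      <saml2:AttributeValue>arn:aws:iam::111122223333:saml-provider/Okta,arn:aws:iam::111122223333:role/ReadOnly</saml2:AttributeValue>
      <saml2:AttributeValue>arn:aws:iam::111122223333:role/Admin,arn:aws:iam::111122223333:saml-provider/Okta</saml2:AttributeValue>
    </saml2:Attribute>
    <saml2:Attribute Name="https://aws.amazon.com/SAML/Attributes/RoleSessionName">
      <saml2:AttributeValue>user@example.com</saml2:AttributeValue>
    </saml2:Attribute>
  </saml2:AttributeStatement>
</saml2:Assertion>"""


def decode_saml_response(b64_value):
    """Decode the base64 SAMLResponse form field captured from the browser."""
    return base64.b64decode(b64_value).decode("utf-8")


def extract_roles(xml_text):
    """Return [(role_arn, provider_arn), ...] from the AWS Role attribute."""
    root = ET.fromstring(xml_text)
    roles = []
    for attr in root.iter(f"{{{ASSERTION_NS}}}Attribute"):
        if attr.get("Name") != ROLE_ATTR:
            continue
        for value in attr.findall(f"{{{ASSERTION_NS}}}AttributeValue"):
            parts = [p.strip() for p in (value.text or "").split(",")]
            # The two ARNs may appear in either order.
            role = next((p for p in parts if ":role/" in p), None)
            provider = next((p for p in parts if ":saml-provider/" in p), None)
            if len(parts) != 2 or not role or not provider:
                raise ValueError(f"malformed Role value: {value.text!r}")
            roles.append((role, provider))
    return roles


def missing_roles(xml_text, expected_role_arns):
    """Expected role ARNs that the assertion does not carry."""
    present = {role for role, _ in extract_roles(xml_text)}
    return sorted(set(expected_role_arns) - present)
```

An empty result from `extract_roles` means the assertion carries no AWS role at all, which is the case to look for after the provisioning settings have been removed.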
