AWS SSO + Rancher

Is it even possible to achieve configuration to Rancher through the AWS SSO? I thought it will be easy to do using Keycloak (SAML) configuration, but we cannot retrieve private key, that is required by this configuration, from AWS SSO because it doesn’t allow this.