Skip to content
Contains some scripts to integrate a SAML IDP with an AWS account and enable roles called administrator and readonly
Branch: master
Clone or download
Latest commit 04b798e Jan 30, 2020
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md Update README.md Oct 31, 2018
create_saml_aws.sh fix for satosa Jan 30, 2020
idp.xml Update idp.xml Oct 4, 2018
shibpolicy.json fix for satosa Jan 30, 2020

README.md

aws-saml-scripts

This repo will contain some scripts to integrate a SAML IDP with an AWS account and enable roles called administrator and readonly. This is only part of a two step process when integrating an AWS account with a SAML provider. The SAML IDP will still need to be configured to release the appropriate attributes and values.

  1. make sure the ~/.aws/credential file has the appropriate key for the account intended to be integrated
  2. modify shibpolicy.json
    • change the AWS account number (123456789012) to the actual number
    • change the value after saml-provider/ to the name you want to call the IDP (defaults to login.at.internet2.edu)
  3. put the IDP metadata in idp.xml (right now, it contains the IDP metdata for login.at.internet.edu, the ICP SAML Proxy)
  4. run the create script:
    • ICP integration: create_saml_aws.sh login.at.internet2.edu
    • or: create_saml_aws.sh idp_name
You can’t perform that action at this time.