Branch: master. Latest commit fa2f55c, Oct 31, 2018.

Files in the repository:
  README.md           Update README.md (Oct 31, 2018)
  create_saml_aws.sh  Update create_saml_aws.sh (Oct 31, 2018)
  idp.xml             Update idp.xml (Oct 4, 2018)
  shibpolicy.json     Initial commit for shell script to add SAML integration to AWS account (Oct 4, 2018)


aws-saml-scripts

This repo contains scripts to integrate a SAML IdP with an AWS account and to create two IAM roles, called administrator and readonly, that can be assumed through that IdP. This is only the AWS half of a two-step process: the SAML IdP still has to be configured to release the attributes AWS expects, namely https://aws.amazon.com/SAML/Attributes/Role (one value per role, in the form role-arn,provider-arn) and https://aws.amazon.com/SAML/Attributes/RoleSessionName. Until the IdP releases those values for a user, the roles created here cannot be assumed.

  1. Make sure ~/.aws/credentials contains a key for the account you intend to integrate; the key must be allowed to create IAM SAML providers and roles.
  2. Modify shibpolicy.json:
    • change the AWS account number (123456789012) to the actual account number
    • change the value after saml-provider/ to the name you want to give the IdP (defaults to login.at.internet2.edu)
  3. Put the IdP metadata in idp.xml (right now it contains the metadata for login.at.internet2.edu, the ICP SAML proxy).
  4. Run the create script, passing the same IdP name you used in shibpolicy.json so the provider ARN in the trust policy matches the provider that gets created:
    • ICP integration: create_saml_aws.sh login.at.internet2.edu
    • or: create_saml_aws.sh idp_name
  Afterwards, aws iam list-saml-providers should list the new provider and aws iam get-role --role-name administrator should show a trust policy whose Principal.Federated is that provider's ARN.
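The following is an added example of the four-step procedure above as one script; it is not the repository's create_saml_aws.sh and it makes assumptions the page does not state: that shibpolicy.json is a standard sts:AssumeRoleWithSAML trust policy of the shape rendered below (federated principal set to the provider ARN, audience restricted to the AWS sign-in endpoint), that the administrator and readonly roles get the AWS managed policies AdministratorAccess and ReadOnlyAccess, and that the metadata file is idp.xml. The account number is validated before anything is created, and DRY_RUN=1 prints the aws commands instead of running them so the result can be inspected offline.

```shell
#!/bin/sh
# Added example, not the project's own create_saml_aws.sh.
# Assumed: trust policy shape below, managed policies AdministratorAccess and
# ReadOnlyAccess, metadata in idp.xml. DRY_RUN=1 prints commands instead of running them.
set -eu

# Emit the SAML trust policy for ACCOUNT and PROVIDER. Every role that a SAML
# user may assume needs this document; the SAML:aud condition stops assertions
# minted for some other service provider from being replayed against AWS.
render_trust_policy() {
  account="$1"; provider="$2"
  case "$account" in
    *[!0-9]*|"") echo "account number must be numeric" >&2; return 1 ;;
  esac
  [ "${#account}" -eq 12 ] || { echo "account number must be 12 digits" >&2; return 1; }
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "Federated": "arn:aws:iam::${account}:saml-provider/${provider}" },
      "Action": "sts:AssumeRoleWithSAML",
      "Condition": { "StringEquals": { "SAML:aud": "https://signin.aws.amazon.com/saml" } }
    }
  ]
}
EOF
}

# Run an aws CLI command, or print it when DRY_RUN=1.
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Create the SAML provider from the metadata file, then the two roles, each
# trusting that provider and carrying the matching AWS managed policy.
create_saml_aws() {
  account="$1"; provider="$2"; metadata="${3:-idp.xml}"
  policy_file="$(mktemp)"
  render_trust_policy "$account" "$provider" > "$policy_file"

  run aws iam create-saml-provider --name "$provider" \
      --saml-metadata-document "file://$metadata"

  for role in administrator readonly; do
    case "$role" in
      administrator) managed=AdministratorAccess ;;
      readonly)      managed=ReadOnlyAccess ;;
    esac
    run aws iam create-role --role-name "$role" \
        --assume-role-policy-document "file://$policy_file"
    run aws iam attach-role-policy --role-name "$role" \
        --policy-arn "arn:aws:iam::aws:policy/$managed"
  done
  rm -f "$policy_file"
}

# Usage: DRY_RUN=1 ./this.sh 123456789012 login.at.internet2.edu [idp.xml]
if [ "$#" -ge 2 ]; then
  create_saml_aws "$1" "$2" "${3:-idp.xml}"
fi
```

Running it with DRY_RUN=1 first is the cheap check that the provider name in the trust policy and the name passed to create-saml-provider agree; if they differ, the roles are created but AssumeRoleWithSAML fails because the federated principal ARN points at a provider that does not exist.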