Skip to content

internet2/aws-saml-scripts

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
3 branches 0 tags
Code

Latest commit

@chubing
chubing Update shibpolicy.json
f50e497 Sep 11, 2023
Update shibpolicy.json
f50e497

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
README.md
Update README.md
October 31, 2018 16:13
create_saml_aws.sh
fix for satosa
January 30, 2020 08:37
idp.xml
Update idp.xml
October 4, 2018 11:32
shibpolicy.json
Update shibpolicy.json
September 11, 2023 11:59

README.md

aws-saml-scripts

This repo will contain some scripts to integrate a SAML IDP with an AWS account and enable roles called administrator and readonly. This is only part of a two step process when integrating an AWS account with a SAML provider. The SAML IDP will still need to be configured to release the appropriate attributes and values.

  1. make sure the ~/.aws/credential file has the appropriate key for the account intended to be integrated
  2. modify shibpolicy.json
    • change the AWS account number (123456789012) to the actual number
    • change the value after saml-provider/ to the name you want to call the IDP (defaults to login.at.internet2.edu)
  3. put the IDP metadata in idp.xml (right now, it contains the IDP metdata for login.at.internet.edu, the ICP SAML Proxy)
  4. run the create script:
    • ICP integration: create_saml_aws.sh login.at.internet2.edu
    • or: create_saml_aws.sh idp_name

About

Contains some scripts to integrate a SAML IDP with an AWS account and enable roles called administrator and readonly

Resources

Readme
Activity

Stars

1 star

Watchers

6 watching

Forks

0 forks

Releases

No releases published

Packages

No packages published

Languages