Contains some scripts to integrate a SAML IDP with an AWS account and enable roles called administrator and readonly
Shell
Switch branches/tags
Nothing to show
Latest commit fa2f55c Oct 31, 2018

README.md

aws-saml-scripts

This repo will contain some scripts to integrate a SAML IDP with an AWS account and enable roles called administrator and readonly. This is only part of a two step process when integrating an AWS account with a SAML provider. The SAML IDP will still need to be configured to release the appropriate attributes and values.

  1. make sure the ~/.aws/credential file has the appropriate key for the account intended to be integrated
  2. modify shibpolicy.json
    • change the AWS account number (123456789012) to the actual number
    • change the value after saml-provider/ to the name you want to call the IDP (defaults to login.at.internet2.edu)
  3. put the IDP metadata in idp.xml (right now, it contains the IDP metdata for login.at.internet.edu, the ICP SAML Proxy)
  4. run the create script:
    • ICP integration: create_saml_aws.sh login.at.internet2.edu
    • or: create_saml_aws.sh idp_name