From 883a099c62c43217e4184f95c027f132282fa510 Mon Sep 17 00:00:00 2001
From: Christopher Hubing
Date: Thu, 4 Oct 2018 11:03:35 -0400
Subject: [PATCH] Update create_saml_aws.sh
---
 create_saml_aws.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/create_saml_aws.sh b/create_saml_aws.sh
index 79c1f24..e0c8b7b 100755
--- a/create_saml_aws.sh
+++ b/create_saml_aws.sh
@@ -2,7 +2,7 @@
 [ $# -eq 0 ] && { echo "Usage: $0 name_of_idp "; exit 1; }
-
+# call to create the saml provider in the AWS accounts
 aws iam create-saml-provider --saml-metadata-document file://idp.xml --name $1
 if [ $? -ne -1 ]
 then
@@ -10,6 +10,7 @@ if [ $? -ne -1 ]
 exit 1
 fi
+# create iam roles that saml users can assume:
 aws iam create-role --role-name administrator --assume-role-policy-document file://shibpolicy.json
 aws iam attach-role-policy --role-name administrator --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
 aws iam create-role --role-name readonly --assume-role-policy-document file://shibpolicy.json
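Review bot: The status check right after `aws iam create-saml-provider` can never be false, because an exit status is always in the range 0-255 and so `[ $? -ne -1 ]` is true on success as well as on failure. With `exit 1` visible at the top of the next hunk, the script most likely stops here every time and never reaches the role creation the new comments describe. Test for non-zero instead, `if [ $? -ne 0 ]`, or fold the call into the condition with `if ! aws iam create-saml-provider --saml-metadata-document file://idp.xml --name "$1"; then`. The same line passes `$1` unquoted, so quote it as `"$1"`. The body of the `then` branch lies outside this hunk.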
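Review bot: None of the `aws iam create-role` and `attach-role-policy` calls under the new comment check their exit status. If `create-role --role-name administrator` fails because a role with that name already exists, the next line still attaches `AdministratorAccess` to that pre-existing role, whatever its trust policy is. Guard each creation, for example `aws iam create-role --role-name administrator --assume-role-policy-document file://shibpolicy.json || exit 1`. Because `shibpolicy.json` is not part of this patch, the comment could also record the expectation it carries, such as `# shibpolicy.json must trust only this account's SAML provider ARN and condition on SAML:aud`, which is worth confirming against the file.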