Skip to content

Commit

Permalink
quicksite and datazone change
Browse files Browse the repository at this point in the history 
they require an email attribute, which requires the policy to allow the IDP to do a "sts:SetSourceIdentity"
  • Loading branch information
@chubing
chubing authored Aug 8, 2023
1 parent 04b798e commit f24efb1
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion shibpolicy.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@
"Statement": [
{
"Effect": "Allow",
"Action": "sts:AssumeRoleWithSAML",
"Action": [ "sts:AssumeRoleWithSAML",
"sts:SetSourceIdentity" ]
"Principal": {
"Federated": "arn:aws:iam::135656781587:saml-provider/SATOSA"
},
Expand Down

0 comments on commit f24efb1

Please sign in to comment.