sts:AssumeRoleWithSAML
Jump to navigation
Jump to search
sts:AssumeRoleWithSAML
assume_role_policy = jsonencode({ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Federated": "arn:aws:iam::01234567980:saml-provider/YourGoogleAppsApp" }, "Action": "sts:AssumeRoleWithSAML", "Condition": { "StringEquals": { "SAML:aud": "https://signin.aws.amazon.com/saml" } } } ]
Related
- SAML Role Attribute
assume-role-with-saml
- Not authorized to perform sts:AssumeRoleWithSAML
assume_role_policy
See also
aws_iam_role: assume_role_policy, iam:CreateRole
- AWS STS
(sts:)
,aws sts
[get-session-token
|get-caller-identity
|assume-role | assume-role-with-web-identity | assume-role-with-saml | get-access-key-info ]
- SAML, IdP, AWS SAML, AWS IAM, AWS SAML endpoint,
SAML:EduPersonOrgDN, SAML Role Attribute, assume-role-with-saml
Advertising: