Difference between revisions of "SAML:EduPersonOrgDN"
Jump to navigation
Jump to search
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
https://iam.uconn.edu/supported-ldap-attributes/ | https://iam.uconn.edu/supported-ldap-attributes/ | ||
| − | https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html | + | Enabling SAML 2.0 federated users to access the AWS Management Console: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html |
{ | { | ||
"Version": "2012-10-17", | "Version": "2012-10-17", | ||
| Line 7: | Line 7: | ||
"Effect": "Allow", | "Effect": "Allow", | ||
"Principal": {"Federated": "arn:aws:iam::account-id:saml-provider/ExampleOrgSSOProvider"}, | "Principal": {"Federated": "arn:aws:iam::account-id:saml-provider/ExampleOrgSSOProvider"}, | ||
| − | "Action": "sts:AssumeRoleWithSAML", | + | "Action": "[[sts:AssumeRoleWithSAML]]", |
"Condition": {"StringEquals": { | "Condition": {"StringEquals": { | ||
"saml:edupersonorgdn": "ExampleOrg", | "saml:edupersonorgdn": "ExampleOrg", | ||
| Line 19: | Line 19: | ||
* http://doc.isilon.com/ECS/3.5/DataAccessGuide/GUID-BA49B495-6E0A-445B-A93E-EDF3DECB4B40.html | * http://doc.isilon.com/ECS/3.5/DataAccessGuide/GUID-BA49B495-6E0A-445B-A93E-EDF3DECB4B40.html | ||
| − | [[SAML:aud]] | + | [[SAML:aud]] https://[[signin.aws.amazon.com]]/saml |
[[SAML:iss]] | [[SAML:iss]] | ||
[[SAML:sub]] | [[SAML:sub]] | ||
| Line 25: | Line 25: | ||
== See also == | == See also == | ||
| − | * {{ | + | * {{AWS SAML}} |
* {{SAML}} | * {{SAML}} | ||
| + | |||
| + | [[Category:AWS]] | ||
| + | [[Category:SAML]] | ||
Latest revision as of 18:47, 4 November 2021
https://iam.uconn.edu/supported-ldap-attributes/
Enabling SAML 2.0 federated users to access the AWS Management Console: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {"Federated": "arn:aws:iam::account-id:saml-provider/ExampleOrgSSOProvider"},
"Action": "sts:AssumeRoleWithSAML",
"Condition": {"StringEquals": {
"saml:edupersonorgdn": "ExampleOrg",
"saml:aud": "https://signin.aws.amazon.com/saml"
}}
}]
}
Related[edit]
AssumeRolePolicyDocument- http://doc.isilon.com/ECS/3.5/DataAccessGuide/GUID-BA49B495-6E0A-445B-A93E-EDF3DECB4B40.html
SAML:aud https://signin.aws.amazon.com/saml SAML:iss SAML:sub SAML:sub_type
See also[edit]
- SAML, IdP, AWS SAML, AWS IAM, AWS SAML endpoint,
SAML:EduPersonOrgDN, SAML Role Attribute, assume-role-with-saml - SAML, IdP, Assertion, Attribute, SCIM, Amazon Cognito, OpenID Connect (OIDC), SAML response,
SAML:EduPersonOrgDN, Assertion Consumer Service (ACS), SAML examples,Entity ID,Name ID,SAMLResponse, saml-provider
Advertising:
