Difference between revisions of "SAML:EduPersonOrgDN"

From wikieduonline
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
https://iam.uconn.edu/supported-ldap-attributes/
 
https://iam.uconn.edu/supported-ldap-attributes/
  
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html
+
Enabling SAML 2.0 federated users to access the AWS Management Console: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html
 
  {
 
  {
 
   "Version": "2012-10-17",
 
   "Version": "2012-10-17",
Line 7: Line 7:
 
     "Effect": "Allow",
 
     "Effect": "Allow",
 
     "Principal": {"Federated": "arn:aws:iam::account-id:saml-provider/ExampleOrgSSOProvider"},
 
     "Principal": {"Federated": "arn:aws:iam::account-id:saml-provider/ExampleOrgSSOProvider"},
     "Action": "sts:AssumeRoleWithSAML",
+
     "Action": "[[sts:AssumeRoleWithSAML]]",
 
     "Condition": {"StringEquals": {
 
     "Condition": {"StringEquals": {
 
       "saml:edupersonorgdn": "ExampleOrg",
 
       "saml:edupersonorgdn": "ExampleOrg",

Latest revision as of 18:47, 4 November 2021

https://iam.uconn.edu/supported-ldap-attributes/

Enabling SAML 2.0 federated users to access the AWS Management Console: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html 

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": "arn:aws:iam::account-id:saml-provider/ExampleOrgSSOProvider"},
    "Action": "sts:AssumeRoleWithSAML",
    "Condition": {"StringEquals": {
      "saml:edupersonorgdn": "ExampleOrg",
      "saml:aud": "https://signin.aws.amazon.com/saml"
    }}
  }]
}

Related[edit]

SAML:aud https://signin.aws.amazon.com/saml
SAML:iss
SAML:sub
SAML:sub_type

See also[edit]

Retrieved from "https://www.wikieduonline.com/index.php?title=SAML:EduPersonOrgDN&oldid=97510"

Advertising: