Difference between revisions of "Sts:AssumeRoleWithSAML"
Line 1: | Line 1: | ||
{{lowercase}} | {{lowercase}} | ||
[[sts]]:AssumeRoleWithSAML | [[sts]]:AssumeRoleWithSAML | ||
+ | |||
+ | |||
+ | assume_role_policy = jsonencode({ | ||
+ | "Version": "2012-10-17", | ||
+ | "Statement": [ | ||
+ | { | ||
+ | "Effect": "Allow", | ||
+ | "Principal": { | ||
+ | "Federated": "arn:aws:iam::01234567980:[[saml-provider]]/YourGoogleAppsApp" | ||
+ | }, | ||
+ | "Action": "sts:AssumeRoleWithSAML", | ||
+ | "Condition": { | ||
+ | "StringEquals": { | ||
+ | "SAML:aud": "https://signin.aws.amazon.com/saml" | ||
+ | } | ||
+ | } | ||
+ | } | ||
+ | ] | ||
== Related == | == Related == |
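Review bot: the added block opens with "assume_role_policy = jsonencode({" but is never closed. The last added line is "]", so the closing "})" is missing before "== Related ==", and the snippet will not parse if copied into a Terraform aws_iam_role resource. In the "Federated" line, the account ID 01234567980 has 11 digits, while AWS account IDs have 12; either use a 12-digit placeholder or state that the value is a placeholder to be replaced.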
Revision as of 15:53, 4 July 2024
sts:AssumeRoleWithSAML
assume_role_policy = jsonencode({
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        # Placeholder account ID; a real AWS account ID has 12 digits.
        "Federated": "arn:aws:iam::01234567980:saml-provider/YourGoogleAppsApp"
      },
      "Action": "sts:AssumeRoleWithSAML",
      "Condition": {
        "StringEquals": {
          "SAML:aud": "https://signin.aws.amazon.com/saml"
        }
      }
    }
  ]
})
Related
- SAML Role Attribute
- assume-role-with-saml
- Not authorized to perform sts:AssumeRoleWithSAML
- assume_role_policy
See also
aws_iam_role: assume_role_policy, iam:CreateRole
- AWS STS (sts:), aws sts [get-session-token | get-caller-identity | assume-role | assume-role-with-web-identity | assume-role-with-saml | get-access-key-info]
- SAML, IdP, AWS SAML, AWS IAM, AWS SAML endpoint, SAML:EduPersonOrgDN, SAML Role Attribute, assume-role-with-saml