Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement an L2 for SAML providers #5320

Closed
1 task done
hoegertn opened this issue Dec 6, 2019 · 7 comments · Fixed by #13393, linz/geostore#393, sullis/aws-cdk-java-example#66, thoughtworks/tramchester#254 or linz/elasticsearch-shipper#240
Closed
1 task done

Implement an L2 for SAML providers #5320

hoegertn opened this issue Dec 6, 2019 · 7 comments · Fixed by #13393, linz/geostore#393, sullis/aws-cdk-java-example#66, thoughtworks/tramchester#254 or linz/elasticsearch-shipper#240
Assignees
@rix0rrr
Labels
@aws-cdk/aws-iam Related to AWS Identity and Access Management effort/large Large work item – several weeks of effort feature-request A feature should be added or improved. p2

Comments

@hoegertn
Copy link
Contributor

hoegertn commented Dec 6, 2019

Implement an L2 for SAMl providers

Use Case

Proposed Solution

Implement a custom resource to create SAML providers. No CFN support available

  • 👋 I will implement this feature request

This is a 🚀 Feature Request
@hoegertn hoegertn added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Dec 6, 2019
@hoegertn hoegertn changed the title Implement an L2 for SAMl providers Implement an L2 for SAML providers Dec 6, 2019
@SomayaB SomayaB added the @aws-cdk/custom-resources Related to AWS CDK Custom Resources label Dec 9, 2019
@eladb eladb assigned nija-at and unassigned eladb Jan 23, 2020
@eladb eladb added @aws-cdk/aws-cognito Related to Amazon Cognito and removed @aws-cdk/custom-resources Related to AWS CDK Custom Resources labels Jan 23, 2020
@hoegertn
Copy link
Contributor Author

@eladb I think it should be in the iam package. It has nothing to do with Cognito.

@eladb eladb added @aws-cdk/aws-iam Related to AWS Identity and Access Management and removed @aws-cdk/aws-cognito Related to Amazon Cognito labels Jan 26, 2020
@eladb eladb assigned rix0rrr and unassigned nija-at Jan 26, 2020
@eladb
Copy link
Contributor

eladb commented Jan 26, 2020

Thanks @hoegertn

@rix0rrr rix0rrr added the effort/large Large work item – several weeks of effort label Feb 3, 2020
@rix0rrr
Copy link
Contributor

rix0rrr commented Feb 3, 2020

Yeah I've been thinking about this. Looks like a good idea, but I don't have a good idea of what all would be involved in it.

@hoegertn
Copy link
Contributor Author

hoegertn commented Feb 4, 2020

I think the MVP would be creating a SAML IdP from a local metadata file and being able to reference it in IAM roles as a principal in the assume role policy document.

@hoegertn
Copy link
Contributor Author

@eladb I would love to implement this and several other constructs for IAM but the custom resource package depends on IAM. Any wishes where I should put the constructs? Will the monocdk fix these issues?

@SomayaB SomayaB removed the needs-triage This issue or PR still needs to be triaged. label Mar 4, 2020
@rix0rrr rix0rrr added the p2 label Aug 12, 2020
@jogold jogold mentioned this issue Mar 4, 2021
Merged
@jogold
Copy link
Contributor

jogold commented Mar 4, 2021

but the custom resource package depends on IAM. Any wishes where I should put the constructs? Will the monocdk fix these issues?

In those cases you can always use the custom resource provider from core: https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/core#the-corecustomresourceprovider-class

@mergify mergify bot closed this as completed in #13393 Mar 8, 2021
mergify bot pushed a commit that referenced this issue Mar 8, 2021
@jogold
feat(iam): SAML identity provider (#13393)
faa0c06 
L2 for [`AWS::IAM::SAMLProvider`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html).

Also add derived classes for federated principals.

Closes #5320


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

github-actions bot commented Mar 8, 2021

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

cornerwings pushed a commit to cornerwings/aws-cdk that referenced this issue Mar 8, 2021
@jogold @cornerwings
feat(iam): SAML identity provider (aws#13393)
050da29 
L2 for [`AWS::IAM::SAMLProvider`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html).

Also add derived classes for federated principals.

Closes aws#5320


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This was referenced Mar 12, 2021
Merged
Merged
Merged
This was referenced Mar 14, 2021
Merged
Merged
Merged
Merged
Merged
Merged
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Merged
Merged
Merged
Closed
Closed
Closed
Closed
Merged
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rix0rrr rix0rrr

Labels
@aws-cdk/aws-iam Related to AWS Identity and Access Management effort/large Large work item – several weeks of effort feature-request A feature should be added or improved. p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(iam): SAML identity provider jogold/aws-cdk
build(deps): bump aws-cdk from 1.92.0 to 1.93.0 linz/geostore
build(deps): bump cdk.version from 1.92.0 to 1.93.0 sullis/aws-cdk-java-example
[skip ci]: Bump aws-cdk from 1.91.0 to 1.93.0 thoughtworks/tramchester
build(deps-dev): bump aws-cdk from 1.92.0 to 1.93.0 linz/elasticsearch-shipper
Bump aws-cdk from 1.91.0 to 1.93.0 in /setTopicAttributes Milan9805/cdk-set-topic-attributes
Bump aws-cdk from 1.91.0 to 1.93.0 in /deployGenericSnsTopic Milan9805/cdk-set-topic-attributes
chore(deps): bump @aws-cdk-containers/ecs-service-extensions from 1.92.0 to 1.93.0 nikovirtala/cdk-preview-environments
chore(deps-dev): bump aws-cdk from 1.92.0 to 1.93.0 nikovirtala/cdk-preview-environments
chore(deps): bump @aws-cdk/assert from 1.92.0 to 1.93.0 nikovirtala/cdk-preview-environments
6 participants
@rix0rrr @eladb @hoegertn @jogold @nija-at @SomayaB