Page created: 9 Sep 2021 |
Page updated: 16 Feb 2022
Change the AWS SP SAML connection to use the STS processor and map the attributes.
- On the Identity Provider tab, from the SP connections list, select your AWS connection.
- Click Connection Type and select the WS-Trust STS check box. Click Next.
- On the WS-Trust STS tab, click Configure WS-Trust STS and enter https://signin.aws.amazon.com/saml in the Partner Service Identifier field. Click Add and then click Next.
- On the Token Creation screen, click Configure Token Creation.
- Enter https://aws.amazon.com/SAML/Attributes/Role in the Extend the Contract field. Click Add.
- Enter https://aws.amazon.com/SAML/Attributes/RoleSessionName in the Extend the Contract field and click Add. Click Next.
- On the IdP Token Processor Mapping tab, click Map New Token Processor Instance and specify the token processor. Click Next.
- Map the Attribute Contract Fulfillment section. See steps 13 - 15 in Creating a new SP connection in PingFederate.
- Click Next and Save on the Summary tab.