github.com/versent/saml2aws@v2.17.0+incompatible/pkg/provider/googleapps/README.md (about)

# googleapps

This provider uses SAML with Google Apps to enable authentication of users to AWS.

# prerequisites

Set up your Google Apps and AWS Account as per one of the configuration guides.

* [How to Set Up Federated Single Sign-On to AWS Using Google Apps](https://aws.amazon.com/blogs/security/how-to-set-up-federated-single-sign-on-to-aws-using-google-apps/)
* [Using Google Apps SAML SSO to do one-click login to AWS](https://blog.faisalmisle.com/2015/11/using-google-apps-saml-sso-to-do-one-click-login-to-aws/)

# configuration

The key attribute in configuring this provider is the URL, which can be copied from the Google Apps application list (I just pulled it from the HTML). An example of this is as follows:

`https://accounts.google.com/o/saml2/initsso?idpid=XXXXXXX&spid=YYYYY&forceauthn=false`

Where the following placeholders are replaced with:

* `XXXXXXX` is the IdP identifier for your Google Apps Account.
* `YYYYY` is the SP identifier for the AWS SAML application in your Google Apps Account.
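
Because the login flow starts at this URL, it is worth checking a copied value before saving it to a profile. The following Go check is an added example, not saml2aws code; `ParseGoogleAppsURL` and `SSOParams` are hypothetical names, and the sample identifiers are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// SSOParams holds the identifiers taken from the provider URL.
type SSOParams struct {
	IdPID, SPID string
	ForceAuthn  bool
}

// ParseGoogleAppsURL is a hypothetical helper (not part of saml2aws). It
// accepts only the URL shape shown in this README and returns its parameters.
func ParseGoogleAppsURL(raw string) (SSOParams, error) {
	var p SSOParams
	u, err := url.Parse(raw)
	if err != nil {
		return p, err
	}
	// Exact host match rejects look-alike hosts and ports; userinfo is refused too.
	if u.Scheme != "https" || u.Host != "accounts.google.com" || u.User != nil {
		return p, errors.New("URL must start with https://accounts.google.com/")
	}
	if u.Path != "/o/saml2/initsso" {
		return p, errors.New("unexpected path " + u.Path)
	}
	q := u.Query()
	p.IdPID, p.SPID = q.Get("idpid"), q.Get("spid")
	for name, v := range map[string]string{"idpid": p.IdPID, "spid": p.SPID} {
		if v == "" || strings.Trim(v, "XY") == "" {
			return p, fmt.Errorf("%s is missing or still a placeholder", name)
		}
	}
	p.ForceAuthn = q.Get("forceauthn") == "true"
	return p, nil
}

func main() {
	// Constructed sample values, not real identifiers.
	const sample = "https://accounts.google.com/o/saml2/initsso?idpid=C01abc234&spid=123456789012&forceauthn=false"
	fmt.Println(ParseGoogleAppsURL(sample))
}
```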

# 2-factor support

Currently this provider supports:

* TOTP using applications like Google Authenticator or Authy
* SMS
* Google Prompt (Mobile Application)

# prior work

In addition to my own effort deconstructing this, I also used the following as resources:

* https://github.com/wheniwork/keyme
* https://github.com/cevoaustralia/aws-google-auth