AWS SSO IdP for OpenSearch

0

We are using AWS SSO with Google Workspace to log into AWS.

We also have OpenSearch in use. We want to use AWS SSO as an IdP for OpenSearch; however, we get the following error:

Oops, something went wrong
Provide your administrator with the following info:
No access
Request ID: xxxx
HTTP status: 403

The 403 call is when a GET is made on https://portal.sso.eu-west-1.amazonaws.com/saml/v2/assertion/xxxxxredactedxxxxx/ HTTP/1.1

  • I was struggling with this problem until I saw a subtle mistake. Hope this could help: in the IAM Identity Center, settings of the application, I was using "dot" instead of "double point" for attribute mappings. Lost so many hours because of my eyes.

Asked 2 years ago · 1204 views
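
A small linter for the mistake described in the comment above: a dot where the `${namespace:attribute}` placeholder syntax of IAM Identity Center attribute mappings needs a colon. This is an added example, not part of the original thread or of any AWS tooling; the function name `lint_mappings`, the attribute names and the sample values are constructed, and the mappings are assumed to have been copied by hand from the application's settings into a dict.

```python
import re

# Matches every ${...} placeholder in a mapping value.
PLACEHOLDER = re.compile(r"\$\{([^}]*)\}")
# Expected shape inside the braces: namespace, a colon, then the attribute path
# (the path itself may contain dots, e.g. enterprise.department).
WELL_FORMED = re.compile(r"^[A-Za-z_]+:[A-Za-z_][\w.]*$")


def lint_mappings(mappings):
    """Return a list of (attribute, problem, suggestion) for suspicious values."""
    findings = []
    for attribute, value in mappings.items():
        placeholders = PLACEHOLDER.findall(value)
        if not placeholders:
            # No complete ${...}: either a plain literal or a broken placeholder.
            if "{" in value or "}" in value or "$" in value:
                findings.append((attribute, "malformed placeholder", None))
            continue
        for inner in placeholders:
            if WELL_FORMED.match(inner):
                continue
            if ":" not in inner and "." in inner:
                # Dot used where the namespace separator (colon) belongs.
                fixed = "${" + inner.replace(".", ":", 1) + "}"
                findings.append((attribute, "dot used as separator", fixed))
            else:
                findings.append((attribute, "malformed placeholder", None))
    return findings


# Constructed sample: attribute names and values are illustrative only.
SAMPLE = {
    "Subject": "${user.email}",                     # the typo from the comment
    "Role": "${user:groups}",                       # well formed
    "Department": "${path:enterprise.department}",  # dots after the colon are left alone
    "Email": "{user:email}",                        # missing "$"
}

if __name__ == "__main__":
    for attribute, problem, suggestion in lint_mappings(SAMPLE):
        hint = f" -> try {suggestion}" if suggestion else ""
        print(f"{attribute}: {problem}{hint}")
```
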
1 Answer
0

Hello

Not sure if you've referred to the links below for the same. AWS SSO with G-suite as an External IDP: https://aws.amazon.com/blogs/security/how-to-use-g-suite-as-external-identity-provider-aws-sso/

SAML with AWS Open-search: https://docs.aws.amazon.com/opensearch-service/latest/developerguide/saml.html

These provide the basic steps for configuration and the right approach. However, for a detailed check, I would advise opening a support case with the AWS SSO/AWS OpenSearch team and getting it checked, once you have verified the steps in the above links.

AWS
Support Engineer
Answered 2 years ago
AWS
Expert
Reviewed 2 years ago
