saml_providers
Creates, updates, deletes or gets a saml_provider resource or lists saml_providers in a region
Overview
| Name | saml_providers |
| Type | Resource |
| Description | Resource Type definition for AWS::IAM::SAMLProvider |
| Id | awscc.iam.saml_providers |
Fields
| Name | Datatype | Description |
|---|---|---|
| name | string | |
| saml_metadata_document | string | |
| arn | string | Amazon Resource Name (ARN) of the SAML provider |
| tags | array | |
| assertion_encryption_mode | string | The encryption setting for the SAML provider |
| add_private_key | string | The private key from your external identity provider |
| remove_private_key | string | The Key ID of the private key to remove |
| private_key_list | array | |
| saml_provider_uu_id | string | The unique identifier assigned to the SAML provider |
| region | string | AWS region. |
For more information, see AWS::IAM::SAMLProvider.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
| create_resource | INSERT | region |
| delete_resource | DELETE | data__Identifier, region |
| update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
| list_resources | SELECT | region |
| get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all properties from an individual saml_provider.
```sql
SELECT
region,
name,
saml_metadata_document,
arn,
tags,
assertion_encryption_mode,
add_private_key,
remove_private_key,
private_key_list,
saml_provider_uu_id
FROM awscc.iam.saml_providers
WHERE data__Identifier = '<Arn>';
```
INSERT example
Use the following StackQL query and manifest file to create a new saml_provider resource, using stack-deploy.
```sql
/*+ create */
INSERT INTO awscc.iam.saml_providers (
 Name,
 SamlMetadataDocument,
 Tags,
 AssertionEncryptionMode,
 AddPrivateKey,
 RemovePrivateKey,
 PrivateKeyList,
 region
)
SELECT
 '{{ Name }}',
 '{{ SamlMetadataDocument }}',
 '{{ Tags }}',
 '{{ AssertionEncryptionMode }}',
 '{{ AddPrivateKey }}',
 '{{ RemovePrivateKey }}',
 '{{ PrivateKeyList }}',
 '{{ region }}';
```
```yaml
version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: saml_provider
    props:
      - name: Name
        value: '{{ Name }}'
      - name: SamlMetadataDocument
        value: '{{ SamlMetadataDocument }}'
      - name: Tags
        value:
          - Value: '{{ Value }}'
            Key: '{{ Key }}'
      - name: AssertionEncryptionMode
        value: '{{ AssertionEncryptionMode }}'
      - name: AddPrivateKey
        value: '{{ AddPrivateKey }}'
      - name: RemovePrivateKey
        value: '{{ RemovePrivateKey }}'
      - name: PrivateKeyList
        value:
          - KeyId: '{{ KeyId }}'
            Timestamp: '{{ Timestamp }}'
```
DELETE example
```sql
/*+ delete */
DELETE FROM awscc.iam.saml_providers
WHERE data__Identifier = '<Arn>'
AND region = 'us-east-1';
```
Permissions
To operate on the saml_providers resource, the following permissions are required:
Create
iam:CreateSAMLProvider,
iam:GetSAMLProvider,
iam:TagSAMLProvider
Read
iam:GetSAMLProvider
Update
iam:UpdateSAMLProvider,
iam:GetSAMLProvider,
iam:TagSAMLProvider,
iam:ListSAMLProviderTags,
iam:UntagSAMLProvider
Delete
iam:DeleteSAMLProvider
List
iam:ListSAMLProviders,
iam:GetSAMLProvider
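When scoping a least-privilege role for the operations listed above, a pre-flight check can report which of them a candidate IAM policy actually covers. The following is an added example, not part of the StackQL documentation; the function names and the sample policy are constructed for illustration, and the evaluation is deliberately simplified as noted in the docstring.

```python
import fnmatch

# Actions each operation on awscc.iam.saml_providers needs (from the Permissions section).
REQUIRED = {
    "create": ["iam:CreateSAMLProvider", "iam:GetSAMLProvider", "iam:TagSAMLProvider"],
    "read": ["iam:GetSAMLProvider"],
    "update": ["iam:UpdateSAMLProvider", "iam:GetSAMLProvider", "iam:TagSAMLProvider",
               "iam:ListSAMLProviderTags", "iam:UntagSAMLProvider"],
    "delete": ["iam:DeleteSAMLProvider"],
    "list": ["iam:ListSAMLProviders", "iam:GetSAMLProvider"],
}

def _as_list(value):
    """IAM accepts a single string or object where a list is expected."""
    return list(value) if isinstance(value, (list, tuple)) else [value] if value else []

def _matches(action, patterns):
    # IAM action names are case-insensitive and may use '*' and '?' wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def missing_actions(policy, operation):
    """Return the actions `operation` needs that `policy` does not grant.

    Simplified on purpose: only Effect and Action are read. Resource, Condition
    and NotAction are ignored, so any matching Deny counts as blocking.
    """
    allowed, denied = [], []
    for stmt in _as_list(policy.get("Statement")):
        target = allowed if stmt.get("Effect") == "Allow" else denied
        target.extend(_as_list(stmt.get("Action")))
    return [a for a in REQUIRED[operation]
            if _matches(a, denied) or not _matches(a, allowed)]

def permitted_operations(policy):
    """Operations whose full action set the policy grants."""
    return [op for op in REQUIRED if not missing_actions(policy, op)]

# Constructed sample: a read-only auditor policy with a guard-rail Deny.
AUDITOR_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["iam:Get*", "iam:List*"], "Resource": "*"},
        {"Effect": "Deny", "Action": "iam:DeleteSAMLProvider", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for op in REQUIRED:
        print(op, missing_actions(AUDITOR_POLICY, op) or "ok")
```

For the sample auditor policy only the Read and List operations are fully covered; Create, Update and Delete each report the write or tagging actions that are absent or denied.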