Sunday, August 19, 2018

Deploy Identity Provider with CloudFormation or SAM

I have a CodeStar project; using the console I've created an identity provider and an identity pool for OpenID Connect. This works and I can authenticate all my resources. I would like to turn this manual process into something more automated. The first two things needed are

  • create an Identity Provider
  • create an Identity Pool for that provider.

The ideal solution would be to add a few instructions to template.yml in the CodeStar project, so that each time the template is modified the identity provider is modified accordingly. I tried looking at the SAM documentation and it doesn't seem to have anything useful for Identity Provider creation. I've looked at CloudFormation Designer and it seems there's nothing for this need. How is it possible?

How can I automate and put this information under source control?

Solved

CloudFormation doesn't have support for OpenID or SAML IdPs. However, all of the AWS SDKs do. I suggest looking into the Lambda-backed custom resources for CloudFormation.

The custom resource Lambda function could then have your own implementation of OpenID provider creation. See the AWS documentation for the Python or Java SDK calls.
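What a Lambda-backed custom resource for this looks like in practice, as an added example (not code from the question or the answer): a Python handler that maps the resource's properties onto the IAM `CreateOpenIDConnectProvider` / `UpdateOpenIDConnectProviderThumbprint` / `AddClientIDToOpenIDConnectProvider` / `DeleteOpenIDConnectProvider` calls of boto3, and reports the result back to the pre-signed `ResponseURL` CloudFormation passes in the event. The property names `Url`, `ClientIdList` and `ThumbprintList` on the custom resource are assumptions of this example; the IAM client is injected into `handle_event` so the Create/Update/Delete logic can be exercised without AWS credentials.

```python
"""Lambda-backed CloudFormation custom resource that manages an IAM OpenID
Connect provider through the AWS SDK for Python (boto3).  Example code; the
custom resource property names (Url, ClientIdList, ThumbprintList) are assumed."""
import json
import urllib.request


def build_create_args(props):
    """Translate the custom resource's Properties block into the keyword
    arguments IAM's create_open_id_connect_provider expects, rejecting the
    two inputs IAM would reject anyway (non-HTTPS issuer, no thumbprint)."""
    url = props["Url"]
    thumbprints = props["ThumbprintList"]
    if not url.startswith("https://"):
        raise ValueError("Url must be the https:// issuer URL of the provider")
    if not thumbprints:
        raise ValueError("ThumbprintList needs at least one certificate thumbprint")
    return {
        "Url": url,
        "ClientIDList": list(props.get("ClientIdList", [])),
        "ThumbprintList": list(thumbprints),
    }


def handle_event(event, iam):
    """Apply a Create/Update/Delete request with the given IAM client and
    return (status, physical_resource_id, data).  The client is a parameter
    so a fake can stand in for boto3 in tests."""
    request_type = event["RequestType"]
    props = event.get("ResourceProperties", {})
    if request_type == "Create":
        resp = iam.create_open_id_connect_provider(**build_create_args(props))
        arn = resp["OpenIDConnectProviderArn"]
        return "SUCCESS", arn, {"Arn": arn}
    if request_type == "Update":
        old = event.get("OldResourceProperties", {})
        arn = event["PhysicalResourceId"]
        # The issuer URL is immutable in IAM: a changed URL means a new provider.
        # Returning a new physical id makes CloudFormation send a Delete for the old one.
        if old.get("Url") != props.get("Url"):
            resp = iam.create_open_id_connect_provider(**build_create_args(props))
            arn = resp["OpenIDConnectProviderArn"]
            return "SUCCESS", arn, {"Arn": arn}
        iam.update_open_id_connect_provider_thumbprint(
            OpenIDConnectProviderArn=arn,
            ThumbprintList=list(props["ThumbprintList"]),
        )
        new_ids = set(props.get("ClientIdList", []))
        old_ids = set(old.get("ClientIdList", []))
        for cid in sorted(new_ids - old_ids):
            iam.add_client_id_to_open_id_connect_provider(
                OpenIDConnectProviderArn=arn, ClientID=cid)
        for cid in sorted(old_ids - new_ids):
            iam.remove_client_id_from_open_id_connect_provider(
                OpenIDConnectProviderArn=arn, ClientID=cid)
        return "SUCCESS", arn, {"Arn": arn}
    if request_type == "Delete":
        arn = event["PhysicalResourceId"]
        # A Create that failed before IAM returned an ARN leaves a placeholder id;
        # there is nothing to delete in that case and the stack must still roll back.
        if arn.startswith("arn:"):
            iam.delete_open_id_connect_provider(OpenIDConnectProviderArn=arn)
        return "SUCCESS", arn, {}
    raise ValueError("unknown RequestType: %s" % request_type)


def send_response(event, context, status, physical_id, data, reason=""):
    """PUT the outcome to the pre-signed ResponseURL CloudFormation supplied.
    Without this the stack hangs until the custom resource times out."""
    body = json.dumps({
        "Status": status,
        "Reason": reason or "See CloudWatch log stream: " + context.log_stream_name,
        "PhysicalResourceId": physical_id,
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        "Data": data,
    }).encode()
    # The pre-signed S3 URL expects an empty Content-Type header.
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)


def lambda_handler(event, context):
    """Entry point configured on the Lambda function."""
    import boto3  # imported here so the module also loads where the SDK is absent
    try:
        status, physical_id, data = handle_event(event, boto3.client("iam"))
        send_response(event, context, status, physical_id, data)
    except Exception as exc:  # always answer, or the stack waits for the timeout
        physical_id = event.get("PhysicalResourceId", "failed-" + event["RequestId"])
        send_response(event, context, "FAILED", physical_id, {}, str(exc))
```

In the template the resource is declared with a custom type such as `Custom::OidcProvider`, whose `ServiceToken` is the function's ARN and whose other properties are the three assumed above; the function's execution role needs only the `iam:*OpenIDConnectProvider*` actions. `ThumbprintList` is the SHA-1 thumbprint of the issuer's TLS certificate, which is what IAM pins the provider to, so keep it under source control next to the URL. CloudFormation has since gained a native `AWS::IAM::OIDCProvider` resource type; where that is available it replaces this custom resource entirely.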
