Chapter 2 Configuring user provisioning for Amazon Web Services (Amazon Specific)

Note If you're trying to configure provisioning for the Amazon Web Services: Amazon Specific + Provisioning app, you're in the right place. If you're trying to configure provisioning for the Amazon Web Services: SAML + Provisioning app, see Configuring user provisioning for Amazon Web Services (SAML).

This section includes the following topics:

"Creating the Amazon Web Services IAM user and generating the key values" on page 2-96
"Configuring Amazon Web Services in Admin Portal for automatic provisioning" on page 2-97
"Provisioning users for Amazon Web Services based on roles" on page 2-98

Creating the Amazon Web Services IAM user and generating the key values

In the Amazon Web Services Management Console, you generate the authentication keys that you'll enter in Admin Portal to configure provisioning. The cloud service uses this key pair to sign its calls to the AWS API, so treat the Secret Access Key like a password. For more details, see the Amazon Web Services documentation:

http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html
http://docs.aws.amazon.com/sts/latest/usingsts/stsmgmtconsole-saml.html

To generate the key values on the Amazon Web Services console:

1 Log in to the AWS Management console at https://aws.amazon.com using an account that has Administrator access. The keys created in the following steps belong to the identity you sign in with, so sign in as the dedicated IAM user you created for provisioning rather than as the account's root user.

Note In the AWS Management console, you assign permissions to groups by way of policies. You can assign policy templates, generate a policy, or create a custom policy. Consult the Amazon Web Services documentation for more information (http://docs.aws.amazon.com/iam/latest/userguide/controllingaccess.html).

2 Navigate to https://console.aws.amazon.com/iam/home?#security_credential
3 Click Continue to Security Credentials.
4 Click Access Keys (Access Key ID and Secret Access Key).
5 Click Create New Access Key.
Note If you already have two Access Key IDs, you will need to delete an existing Access Key ID before you can create a new one.

6 Click Download Key File to download the Access Key ID and Secret Access Key. A .csv file containing the key pair downloads. This is the only time you can retrieve the Secret Access Key, and you will need this file to copy the keys into Admin Portal when you configure provisioning, so store it securely.

7 Click Close.

You're ready to add the application in Admin Portal and configure it for provisioning. For details, see Configuring Amazon Web Services in Admin Portal for automatic provisioning.

Configuring Amazon Web Services in Admin Portal for automatic provisioning

You can deploy SSO access to Amazon Web Services using either Amazon Web Services' proprietary authentication method or SAML. Initially, Amazon Web Services supported only its own custom authentication method; it now also supports SAML. You can use either method for your deployment.

To configure Amazon Web Services in Admin Portal for automatic provisioning:

1 In Admin Portal, add, configure, and deploy the Amazon Web Services (AWS) Amazon Specific + Provisioning application. For details, see Configuring Amazon Web Services (Amazon Specific).

Tip Configure the rest of the application before enabling provisioning to simplify any necessary troubleshooting. Although SSO configuration isn't required for provisioning to work, you do need to configure SSO so that provisioned users can access the application.

2 On the application's Provisioning tab, select Enable provisioning for this application.

3 Select either Preview Mode or Live Mode.

Preview Mode: Use Preview Mode when you're initially testing the application provisioning or making configuration changes. The cloud service does a test run to show you what changes it would make, but the changes aren't saved.
Live Mode: Use Live Mode when you want to use application provisioning in your production system. The cloud service does the provisioning run and saves the changes to both the cloud service and the application's account information.
Enter the following information for the provisioning details:

Field: Access Key
Description: Paste in the Access Key from the IAM user that you created in Amazon Web Services.

Field: Secret Key
Description: Paste in the Secret Key from the IAM user that you created in Amazon Web Services.

Note If you're using the Amazon Web Services application in Admin Portal that uses Amazon Web Services' proprietary authentication configuration (the Web-Amazon version), you can re-use the keys that you entered on the Application Settings page here.

4 If needed, use the horizontal and vertical scroll bars to bring the Verify button into view.

5 Click Verify to have the cloud service verify the connection and save the provisioning details.

Provisioning users for Amazon Web Services based on roles

Here you specify an Admin Portal role and specify that users in that role will be matched to existing or new accounts in Amazon Web Services and given the Amazon Web Services roles that you specify. When you change any role mappings, the cloud service synchronizes any user account or role mapping changes immediately.

Note How the cloud service determines duplicate user accounts: If the user accounts in the cloud service and the target application match on the fields that make an Amazon Web Services user unique, then the cloud service handles the user account updates according to your instructions. In many applications, the user's email address or Active Directory userprincipalname is the primary field used to identify a user, and in many cases the userprincipalname is the email address. You can look at the application's provisioning script to see the fields that the cloud service uses to match user accounts.

To automatically provision users with Amazon Web Services accounts:

1 First, make sure that you've entered and verified the provisioning credentials.
2 You specify which users have access to the application with the roles you add in the application's User Access tab. You specify what kind of access users have in the target application by assigning roles in the Provisioning > Role Mappings area.

3 In the Provisioning page, scroll down to the Role Mappings section.

Cloud Manager user's guide
4 Select either Overwrite or Keep to specify how the cloud service handles situations when it determines that the user already has an account in the target application.

Overwrite: Select Overwrite to update and overwrite the target application user account information with the cloud user account information.

Note If the target user account has a value for a user attribute that doesn't exist in the cloud user account, then the cloud service leaves that target user account attribute value intact.

Keep: Select Keep to keep the target user account as it is; the cloud service skips and doesn't update the duplicate user account in the target application.

Retain: If you select Keep, you can also select Retain to keep the existing target application user account active when changes in roles or role mappings result in the user no longer being assigned and provisioned to the application. To deprovision users when the user is no longer assigned and provisioned to the application, do not select this option.

5 Click Add to add role mappings and specify which users get provisioned to this application. The Role Mapping dialog box opens.

6 Select a Role and click Add.
7 Select a Destination Group.
8 Click Done to save the role mapping and return to the Provisioning page.
9 Continue adding role mappings, as desired. To change a mapping, select the role mapping and click Modify. To remove a mapping, select the role mapping and click Delete.

Note The provisioning script is intended for advanced users who are familiar with editing server-side JavaScript code.

10 When you've finished making changes, click Save to save the provisioning details.

Any time that you make changes to the provisioning role mapping, the cloud service runs a synchronization automatically. You can also run a preview synchronization or a real synchronization, if desired.
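The following in-memory model walks through the rules described in this section: Preview Mode plans changes without saving them, Live Mode applies them, Overwrite updates a duplicate account while leaving target-only attributes intact, Keep skips the duplicate, and Retain decides whether an account that is no longer mapped is kept or deprovisioned. It is example code written for this page, not the cloud service's provisioning script or any Centrify or AWS code. It assumes things the page does not state: users are matched on userprincipalname and that value doubles as the IAM user name; a role mapping is a dictionary from Admin Portal role to destination group; the service deprovisions only accounts it provisioned in an earlier run, tracked here as a set; and all user names, groups and attribute values are constructed sample data.

```python
"""Added illustration of the role-based provisioning run (not the product's code).

Assumptions (not stated by the page): match key is userprincipalname, used as the
IAM user name; mapping = {admin portal role: destination group}; the service only
deprovisions accounts it created earlier (previously_provisioned). The page offers
Retain alongside Keep; this model accepts the flag with either duplicate mode.
"""
from dataclasses import dataclass


@dataclass
class CloudUser:
    upn: str        # userprincipalname: the field the accounts are matched on
    roles: set      # Admin Portal roles the user holds
    attrs: dict     # attributes the cloud service would push to the target


@dataclass
class TargetUser:
    name: str       # IAM user name in the target application
    groups: set     # destination groups the account belongs to
    attrs: dict     # attributes as they currently exist in the target


def plan_sync(cloud_users, role_mappings, target, previously_provisioned,
              duplicate="Overwrite", retain=False):
    """Compute the changes a run would make. This is what Preview Mode shows;
    nothing in `target` is modified here."""
    actions = []
    mapped = {}  # IAM user name -> (cloud user, destination groups)
    for u in cloud_users:
        groups = {role_mappings[r] for r in u.roles if r in role_mappings}
        if groups:                       # a role with no mapping grants nothing
            mapped[u.upn] = (u, groups)

    for name, (u, groups) in mapped.items():
        existing = target.get(name)
        if existing is None:
            actions.append(("create", name, dict(u.attrs), groups))
        elif duplicate == "Keep":
            actions.append(("skip", name))   # duplicate account left untouched
        else:
            # Overwrite: cloud values win, but attributes the cloud account does
            # not carry (e.g. an MFA device) stay as they are in the target.
            changed = {k: v for k, v in u.attrs.items()
                       if existing.attrs.get(k) != v}
            if changed or existing.groups != groups:
                actions.append(("update", name, changed, groups))

    # Accounts this service created earlier that no role mapping covers any more.
    for name in sorted(previously_provisioned):
        if name in target and name not in mapped:
            actions.append(("retain" if retain else "deprovision", name))
    return actions


def apply_sync(actions, target):
    """Live Mode: carry out the planned changes against the target directory."""
    for action in actions:
        kind, name = action[0], action[1]
        if kind == "create":
            target[name] = TargetUser(name, set(action[3]), dict(action[2]))
        elif kind == "update":
            target[name].attrs.update(action[2])
            target[name].groups = set(action[3])
        elif kind == "deprovision":
            del target[name]
        # "skip" and "retain" change nothing
    return target


def sample_data():
    """Constructed sample data; none of these accounts are real."""
    cloud = [
        CloudUser("alice@example.com", {"AWS Admins"}, {"displayName": "Alice Smith"}),
        CloudUser("bob@example.com", {"AWS Developers"}, {"displayName": "Bob Jones"}),
        CloudUser("carol@example.com", {"Finance"}, {"displayName": "Carol Lee"}),
    ]
    mappings = {"AWS Admins": "Administrators", "AWS Developers": "Developers"}
    target = {
        "alice@example.com": TargetUser("alice@example.com", {"Developers"},
                                        {"displayName": "A. Smith",
                                         "mfaSerial": "constructed-mfa-1"}),
        "dave@example.com": TargetUser("dave@example.com", {"Developers"},
                                       {"displayName": "Dave Kim"}),
    }
    previously = {"alice@example.com", "dave@example.com"}
    return cloud, mappings, target, previously


def run(mode="Preview", duplicate="Overwrite", retain=False):
    """One provisioning run over the sample data; returns (actions, target)."""
    cloud, mappings, target, previously = sample_data()
    actions = plan_sync(cloud, mappings, target, previously, duplicate, retain)
    if mode == "Live":
        apply_sync(actions, target)
    return actions, target


if __name__ == "__main__":
    for action in run()[0]:
        print(action)
```

Running the module prints the Preview plan for the sample data: bob is created because his role is mapped, alice is updated (display name overwritten, MFA serial left alone, group changed to Administrators), carol is ignored because Finance has no mapping, and dave is deprovisioned because the service created him earlier and no mapping covers him now. Switching to `duplicate="Keep"` replaces alice's update with a skip, and `retain=True` turns dave's deprovision into a retain.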