MatthiasScholz / cos

Basic Cluster Orchestration Setup
GNU Lesser General Public License v3.0

Enable Authentication over ALB #66

Closed ThomasObenaus closed 5 years ago

ThomasObenaus commented 5 years ago

AWS ALBs support the feature of using identity providers like OneLogin for authenticating incoming requests. In order to enable this feature, an ALB listener rule has to be added that takes all requests, redirects them to the identity provider for validation, and then forwards authenticated requests to the corresponding target group.

To be able to use this functionality for the cos, the cos has to provide the needed information (as output) to create such a listener rule.

Needed outputs are:

  1. The DNS name of the ALB (already available)
  2. The ARN of the https listener attached to the ALB
  3. The ARN of the target group the listener routes requests to
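
A sketch of the listener rule the three outputs above would feed, added here as an illustration and not taken from the cos repository or from this issue. It assumes Terraform with the AWS provider; all variable names are hypothetical, and the OIDC endpoints and client credentials are placeholders to be supplied by the identity provider.

```hcl
# Added example. The three variables below are hypothetical stand-ins
# for the outputs listed in the issue.
variable "alb_dns_name"       { type = string }
variable "https_listener_arn" { type = string }
variable "target_group_arn"   { type = string }

# OIDC settings issued by the identity provider (placeholders, assumed).
variable "oidc" {
  type = object({
    issuer                 = string
    authorization_endpoint = string
    token_endpoint         = string
    user_info_endpoint     = string
    client_id              = string
    client_secret          = string
  })
  sensitive = true # keeps the client secret out of plan output
}

resource "aws_lb_listener_rule" "authenticated" {
  listener_arn = var.https_listener_arn
  priority     = 1 # must be evaluated before any rule that forwards without auth

  condition {
    path_pattern { values = ["/*"] } # match every request
  }

  # First action: send unauthenticated requests to the identity provider.
  action {
    type = "authenticate-oidc"
    authenticate_oidc {
      issuer                     = var.oidc.issuer
      authorization_endpoint     = var.oidc.authorization_endpoint
      token_endpoint             = var.oidc.token_endpoint
      user_info_endpoint         = var.oidc.user_info_endpoint
      client_id                  = var.oidc.client_id
      client_secret              = var.oidc.client_secret
      on_unauthenticated_request = "authenticate" # never "allow" for a gate
    }
  }

  # Second action: only authenticated requests reach the target group.
  action {
    type             = "forward"
    target_group_arn = var.target_group_arn
  }
}

# Redirect URI to register at the identity provider; the ALB handles this path.
output "idp_redirect_uri" {
  value = "https://${var.alb_dns_name}/oauth2/idpresponse"
}
```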

MatthiasScholz commented 5 years ago

"AWS ALB's support the feature of using identity-providers like OneLogin for authenticating incoming requests." -> As I understood it, the AWS feature is a connection to the AWS Cognito service, which can then be connected to another identity provider.

Nevertheless this changes regarding the changes made.