aws-solutions / aws-data-lake-solution

A deployable reference implementation intended to address pain points around conceptualizing data lake architectures that automatically configures the core AWS services necessary to easily tag, search, share, and govern specific subsets of data across a business or with other external businesses.
https://aws.amazon.com/solutions/implementations/data-lake-solution/
Apache License 2.0

SAML configuration not working. #31

Closed samavedulark closed 5 years ago

samavedulark commented 5 years ago

Hi, we are using Centrify as the SAML provider, but the federated template is failing with the error below. I am giving AD FS Hostname: https://XXXXXXX-dev.my.centrify.com

```
2019-05-17T19:06:39.399Z e8f9cc5c-722d-4784-9f01-76d84d63ccdd Failed to create data lake Cognito identity provider:
InvalidParameterException: Non-ok status code 404 returned from remote metadata source https://XXXXXXX-dev.my.centrify.com/FederationMetadata/2007-06/FederationMetadata.xml
2019-05-17T19:06:39.399Z e8f9cc5c-722d-4784-9f01-76d84d63ccdd RESPONSE BODY:
{ "Status": "FAILED", "Reason": "https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#logEventViewer:group=/aws/lambda/data-lake-helper;stream=2019/05/17/[$LATEST]67c0ab46e276450da7462b28a9dfa0a7", "PhysicalResourceId": "FederateLogin", "StackId": "arn:aws:cloudformation:us-east-1:006976719545:stack/abc-datalake-federated-template/bf89dfa0-78d2-11e9-a00d-0a5c603a1bba", "RequestId": "8ffe0c4b-4e1e-4e58-9395-c89dab7a7305", "LogicalResourceId": "FederateLogin", "Data": { "Error": "Failed to create data lake Cognito identity provider" }
```

I know this URL does not exist: https://XXXXXXX-dev.my.centrify.com/FederationMetadata/2007-06/FederationMetadata.xml

But I don't think Centrify works like MS ADFS.

Maybe I am setting something up wrong.

samavedulark commented 5 years ago

Hi,

It is working. I need to give the SAML metadata file in ProviderDetails: { 'MetadataFile': `` } in cognito-helper.js. After that it is working.
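
The two ways of describing a SAML provider that this thread runs into, as an added example that is not part of the original posts or of the project's cognito-helper.js: `MetadataURL` built from the AD FS path seen in the error, versus `MetadataFile` carrying the IdP's XML, with a structural check before that XML is trusted. The helper names, the `example.com` hosts and the sample metadata are assumptions constructed for illustration; the returned object is shaped for Cognito's CreateIdentityProvider call.

```javascript
// Added example; helper names are hypothetical, not from cognito-helper.js.
// Path taken from the error message in this issue (AD FS convention).
const ADFS_METADATA_PATH = '/FederationMetadata/2007-06/FederationMetadata.xml';

// Constructed sample metadata for a non-AD FS IdP (placeholder certificate).
const SAMPLE_METADATA = [
  '<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.example.com/saml">',
  '<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">',
  '<KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">',
  '<ds:X509Data><ds:X509Certificate>CONSTRUCTEDPLACEHOLDER</ds:X509Certificate></ds:X509Data>',
  '</ds:KeyInfo></KeyDescriptor>',
  '<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/sso"/>',
  '</IDPSSODescriptor></EntityDescriptor>',
].join('\n');

// Structural sanity checks before the XML is trusted as IdP metadata.
function checkIdpMetadata(xml) {
  const problems = [];
  if (/<!DOCTYPE|<!ENTITY/i.test(xml)) problems.push('DTD or entity declaration');
  if (!/<(\w+:)?EntityDescriptor[\s>]/.test(xml)) problems.push('no EntityDescriptor');
  if (!/<(\w+:)?IDPSSODescriptor[\s>]/.test(xml)) problems.push('no IDPSSODescriptor');
  if (!/<(\w+:)?X509Certificate>/.test(xml)) problems.push('no signing certificate');
  if (!/<(\w+:)?SingleSignOnService\s[^>]*Location="https:\/\//.test(xml)) {
    problems.push('no https SingleSignOnService endpoint');
  }
  return problems;
}

// Build parameters for Cognito CreateIdentityProvider (ProviderType SAML).
function buildSamlProviderParams({ userPoolId, providerName, adfsHostname, metadataXml }) {
  let details;
  if (metadataXml) {
    // Non-AD FS IdP: pass the metadata document itself.
    const problems = checkIdpMetadata(metadataXml);
    if (problems.length) throw new Error('Rejected IdP metadata: ' + problems.join('; '));
    details = { MetadataFile: metadataXml };
  } else {
    // AD FS: metadata lives at a well-known path; refuse plain http.
    const url = new URL(ADFS_METADATA_PATH, adfsHostname);
    if (url.protocol !== 'https:') throw new Error('Metadata URL must use https');
    details = { MetadataURL: url.href };
  }
  return { UserPoolId: userPoolId, ProviderName: providerName, ProviderType: 'SAML', ProviderDetails: details };
}
```
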