cevoaustralia / cfn-identity-provider

A trivially simple stack to create an AWS IAM SAML provider via CloudFormation
MIT License
40 stars, 29 forks

SAML Metadata greater than 4,096 bytes #2

Open szotrj opened 6 years ago

szotrj commented 6 years ago

My SAML metadata is > 4,096 bytes, so it cannot be passed as a parameter. I'm trying to save it as a JSON file on S3 and use a Transform and AWS::Include, but can't get it to work. AWS's recommendation for large parameter values is "To use a larger parameter value, create multiple parameters and then use Fn::Join to append the multiple values into a single value." Any other suggestions?

ghost commented 6 years ago

I have the same issue

tomkingchen commented 6 years ago

I can confirm facing the same issue. The template does work after I break the metadata into 4 pieces and join them back with Fn::Join. The pain point is that I have to manually copy each piece into the parameter field. Using the AWS CLI with a parameter file returns the error "Error parsing parameter '--parameters': Expected: '=', received: 'EOF' for input: ".
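The workaround both comments above describe (cut the metadata into pieces of at most 4,096 bytes, declare one parameter per piece, reassemble them with Fn::Join) is easy to get wrong by hand, and a single lost byte in the base64 certificate changes which IdP key IAM will trust. The script below does the splitting and produces the CLI parameter file and the matching template fragment. It is an added example, not code from this repository or from either commenter: the sample metadata is constructed, the parameter names Metadata1..MetadataN are an assumption, and "Metadata" as the custom resource property follows the handler code quoted further down the thread.

```python
import hashlib
import json

# Constructed sample IdP metadata (not a real IdP's document). Real metadata is mostly
# the base64 X.509 signing certificate, so a long base64-looking run is used to push
# it past the 4,096-byte parameter-value limit that the thread runs into.
SAMPLE_METADATA = (
    '<?xml version="1.0"?>'
    '<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" '
    'entityID="https://idp.example.test/saml">'
    '<md:IDPSSODescriptor><md:KeyDescriptor use="signing">'
    '<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:X509Data>'
    '<ds:X509Certificate>' + ('MIIC0DCCAbigAwIBAgIQ' * 450) + '</ds:X509Certificate>'
    '</ds:X509Data></ds:KeyInfo></md:KeyDescriptor></md:IDPSSODescriptor>'
    '</md:EntityDescriptor>'
)

PARAM_LIMIT = 4096  # CloudFormation's limit on a single parameter value, in bytes


def split_metadata(xml: str, limit: int = PARAM_LIMIT) -> list:
    """Split text into pieces whose UTF-8 encoding is at most `limit` bytes.

    Pieces are cut on character boundaries, so Fn::Join with an empty delimiter
    reproduces the original string byte for byte. Metadata is normally ASCII,
    but counting bytes rather than characters keeps this correct for any UTF-8.
    """
    chunks, current, current_len = [], [], 0
    for ch in xml:
        size = len(ch.encode("utf-8"))
        if current_len + size > limit:
            chunks.append("".join(current))
            current, current_len = [], 0
        current.append(ch)
        current_len += size
    if current:
        chunks.append("".join(current))
    return chunks


def build_parameters(chunks, prefix="Metadata"):
    """Entries for an `aws cloudformation ... --parameters file://params.json` file.

    The names Metadata1..MetadataN are an assumption for this example; use whatever
    names the template declares.
    """
    return [
        {"ParameterKey": f"{prefix}{i}", "ParameterValue": chunk}
        for i, chunk in enumerate(chunks, start=1)
    ]


def parameter_file_json(chunks, prefix="Metadata"):
    """Serialise the parameter list; json.dumps escapes the XML's quotes for us."""
    return json.dumps(build_parameters(chunks, prefix), indent=2)


def build_template_fragment(count, prefix="Metadata"):
    """Template pieces (as a dict) that declare the N parameters and reassemble them.

    'Metadata' is the custom resource property the thread's handler reads from
    event['ResourceProperties']; the Fn::Join value goes in that property.
    """
    refs = [{"Ref": f"{prefix}{i}"} for i in range(1, count + 1)]
    return {
        "Parameters": {f"{prefix}{i}": {"Type": "String"} for i in range(1, count + 1)},
        "Metadata": {"Fn::Join": ["", refs]},
    }


def reassemble(parameters, prefix="Metadata"):
    """Mimic Fn::Join("", [Ref Metadata1, ...]) so the split can be checked locally."""
    ordered = sorted(parameters, key=lambda p: int(p["ParameterKey"][len(prefix):]))
    return "".join(p["ParameterValue"] for p in ordered)


def digest(xml: str) -> str:
    """SHA-256 of the document: compare it before splitting and after joining."""
    return hashlib.sha256(xml.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    pieces = split_metadata(SAMPLE_METADATA)
    params = build_parameters(pieces)
    assert digest(reassemble(params)) == digest(SAMPLE_METADATA)
    print(f"{len(SAMPLE_METADATA)} bytes -> {len(pieces)} parameters")
    print(parameter_file_json(pieces)[:200] + "...")
```

Write `parameter_file_json(...)` to a file and pass it as `--parameters file://params.json`. The CLI only falls back to its shorthand parser (the source of the "Expected: '='" error quoted above) when the argument is not valid JSON, so generating the file rather than hand-escaping the XML avoids that class of problem. Keep the digest check: it proves the template will hand IAM exactly the document you split, which matters because the document is the trust anchor for the IdP's signatures.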

michaelpan1 commented 5 years ago

I have also stumbled upon that; I fixed it by modifying the Lambda function so that it reads the metadata file from S3 storage.

          def lambda_handler(event, context):
              # Read the IdP metadata from an S3 object instead of the template
              # parameter, which is capped at 4,096 bytes.
              bucketName = "<<your bucket name>>"
              objectKey = "metadata.xml"
              fileObject = s3.Object(bucketName, objectKey)
              provider_xml = fileObject.get()['Body'].read().decode('utf-8')
              # Original line, which read the metadata from the custom resource's properties:
              #provider_xml = event['ResourceProperties']['Metadata']

Ah, remember to add the s3 resource at the top, next to the existing iam client:

          import boto3

          iam = boto3.client("iam")
          s3 = boto3.resource("s3")

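Reading the metadata from S3 moves the IdP trust anchor out of the reviewed template and into whatever is currently in the bucket: anyone who can overwrite that object can point the IAM provider at a different IdP certificate. One way to keep the template authoritative is to pin the SHA-256 fingerprint of the IdP signing certificate as a resource property and have the handler refuse metadata that does not carry it. The example below does that; it is added here and is not code from the repository or from the comment above. The property names MetadataBucket, MetadataKey and SigningCertSha256 are assumptions, the metadata and certificate bytes are constructed fixtures, and FakeS3 stands in for boto3.resource("s3") so the example runs offline.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
DS_NS = "http://www.w3.org/2000/09/xmldsig#"
MAX_METADATA_BYTES = 256 * 1024  # refuse oversized objects before parsing any XML


class MetadataError(Exception):
    """Raised when the S3 object is not the metadata the template expects."""


def signing_cert_fingerprints(metadata_xml: str) -> set:
    """SHA-256 fingerprints (hex) of the IdP signing certificates in the metadata.

    KeyDescriptor elements without a `use` attribute count as signing keys, since
    the SAML metadata spec treats an absent `use` as applying to both purposes.
    For untrusted input consider parsing with defusedxml instead of ElementTree.
    """
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD_NS}}}EntityDescriptor":
        raise MetadataError(f"unexpected root element {root.tag}")
    fingerprints = set()
    for kd in root.iter(f"{{{MD_NS}}}KeyDescriptor"):
        if kd.get("use") not in (None, "signing"):
            continue
        for cert in kd.iter(f"{{{DS_NS}}}X509Certificate"):
            der = base64.b64decode("".join((cert.text or "").split()))
            fingerprints.add(hashlib.sha256(der).hexdigest())
    if not fingerprints:
        raise MetadataError("metadata declares no signing certificate")
    return fingerprints


def load_pinned_metadata(s3, bucket: str, key: str, expected_sha256: str) -> str:
    """Fetch metadata from S3 and accept it only if it carries the pinned certificate."""
    body = s3.Object(bucket, key).get()["Body"].read()
    if len(body) > MAX_METADATA_BYTES:
        raise MetadataError(f"{key} is {len(body)} bytes, larger than any sane metadata")
    metadata_xml = body.decode("utf-8")
    found = signing_cert_fingerprints(metadata_xml)
    if expected_sha256.lower() not in found:
        raise MetadataError(
            f"signing certificate in s3://{bucket}/{key} does not match the pinned "
            f"fingerprint {expected_sha256}; found {sorted(found)}"
        )
    return metadata_xml


def metadata_from_event(event: dict, s3) -> str:
    """What the custom-resource handler would call instead of reading the Metadata
    property. The three property names are assumptions for this example."""
    props = event["ResourceProperties"]
    return load_pinned_metadata(
        s3, props["MetadataBucket"], props["MetadataKey"], props["SigningCertSha256"]
    )


# --- Constructed fixtures so the example runs without AWS access ------------------

FAKE_CERT_DER = b"constructed stand-in for DER certificate bytes; not a real X.509 blob"
FAKE_CERT_FINGERPRINT = hashlib.sha256(FAKE_CERT_DER).hexdigest()


def build_metadata(cert_der: bytes, entity_id: str = "https://idp.example.test/saml") -> str:
    """Minimal constructed EntityDescriptor carrying one signing certificate."""
    cert_b64 = base64.b64encode(cert_der).decode("ascii")
    return (
        f'<md:EntityDescriptor xmlns:md="{MD_NS}" xmlns:ds="{DS_NS}" entityID="{entity_id}">'
        '<md:IDPSSODescriptor><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>'
        f"<ds:X509Certificate>{cert_b64}</ds:X509Certificate>"
        "</ds:X509Data></ds:KeyInfo></md:KeyDescriptor></md:IDPSSODescriptor>"
        "</md:EntityDescriptor>"
    )


class _FakeBody:
    def __init__(self, data):
        self._data = data

    def read(self):
        return self._data


class _FakeObject:
    def __init__(self, data):
        self._data = data

    def get(self):
        return {"Body": _FakeBody(self._data)}


class FakeS3:
    """Duck-typed stand-in for boto3.resource("s3"): Object(bucket, key).get()["Body"].read()."""

    def __init__(self, objects: dict):
        self._objects = objects  # {(bucket, key): bytes}

    def Object(self, bucket, key):
        return _FakeObject(self._objects[(bucket, key)])
```

Compute the pinned value once from the IdP's real certificate (`openssl x509 -in idp.crt -noout -fingerprint -sha256`, lower-cased and without colons), put it in the template next to the bucket and key, and give the function's role only `s3:GetObject` on that one key. Rotating the IdP certificate then becomes a template change that goes through review, rather than a silent overwrite of an object in a bucket.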
mvanholsteijn commented 4 years ago

My SAML identity provider can be configured by specifying the URL of the SAML metadata, circumventing the need to copy & paste the metadata into the template and the 4k limit at the same time -> https://github.com/binxio/cfn-saml-provider