class Aws::ManagedGrafana::Types::SamlConfiguration

A structure containing information about how this workspace works with SAML.

@note When making an API call, you may pass SamlConfiguration

data as a hash:

    {
      allowed_organizations: ["AllowedOrganization"],
      assertion_attributes: {
        email: "AssertionAttribute",
        groups: "AssertionAttribute",
        login: "AssertionAttribute",
        name: "AssertionAttribute",
        org: "AssertionAttribute",
        role: "AssertionAttribute",
      },
      idp_metadata: { # required
        url: "IdpMetadataUrl",
        xml: "String",
      },
      login_validity_duration: 1,
      role_values: {
        admin: ["RoleValue"],
        editor: ["RoleValue"],
      },
    }

@!attribute [rw] allowed_organizations

Lists which organizations defined in the SAML assertion are allowed
to use the Amazon Managed Grafana workspace. If this is empty, all
organizations in the assertion attribute have access.
@return [Array<String>]

@!attribute [rw] assertion_attributes

A structure that defines which attributes in the SAML assertion are
to be used to define information about the users authenticated by
that IdP to use the workspace.
@return [Types::AssertionAttributes]

@!attribute [rw] idp_metadata

A structure containing the identity provider (IdP) metadata used to
integrate the identity provider with this workspace.
@return [Types::IdpMetadata]

@!attribute [rw] login_validity_duration

How long a sign-on session by a SAML user is valid, before the user
has to sign on again.
@return [Integer]

@!attribute [rw] role_values

A structure containing arrays that map group names in the SAML
assertion to the Grafana `Admin` and `Editor` roles in the
workspace.
@return [Types::RoleValues]

@see docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/SamlConfiguration AWS API Documentation

Constants

SENSITIVE