AWS SSO

Enable AWS SSO

  1. Navigate to Access Control > SSO from the left side menu.

  2. Click on Add Identity Provider

  3. Provide a name for your Identity Provider

  4. Select AWS

  5. Click Next

  6. Follow these steps to add and configure a custom SAML 2.0 application in AWS.

    1. In AWS, when asked for an Application ACS URL, copy & paste the Application ACS URL shown on the e6data SSO page.

    2. In AWS, when prompted for an Application SAML audience, copy & paste the Application SAML audience shown on the e6data SSO page.

    3. Match the user attributes in AWS to those shown on the e6data SSO page.

  7. Click Next

  8. Under IdP Configuration, click Choose File & upload the IAM Identity Center SAML metadata file previously downloaded from AWS IAM Console in step 6.

  9. Click Save

  10. Users can now log in to e6data using AWS SSO.

Login via AWS SSO

Users can log in by:

  • Clicking the Single Sign-On (SSO) button in the e6data platform.

SuperAdmin will be able to log in using both SSO and username/password authentication.

Add Users to e6data via AWS SSO

Please follow this guide from AWS to add users to the custom SAML 2.0 application created during SSO setup.

Once a user is added they will be able to log in via AWS SSO.

By default, new users are assigned the Viewer role (least privilege). The SuperAdmin or AccessAdmin should change the user's role after the first login.

Remove Users from e6data via AWS SSO

Please follow this guide from AWS to remove user access to the custom SAML 2.0 application created during SSO setup.

Disable SSO

  1. Navigate to Access Control > SSO from the left side menu.

  2. Toggle Integrate SSO to the disabled position.

Important: When SSO is disabled, each user added using SSO will need to reset their password.

Last updated

#930: Cross account hive GCP

Change request updated