AWS SSO
Enable AWS SSO
Navigate to Access Control > SSO from the left side menu.
Click on Add Identity Provider
Provide a name for your Identity Provider
Select AWS
Click Next
Follow these steps to add and configure a custom SAML 2.0 application in AWS.
In AWS, when asked for an Application ACS URL, copy & paste the Application ACS URL shown on the e6data SSO page.
In AWS, when prompted for an Application SAML audience, copy & paste the Application SAML audience shown on the e6data SSO page.
Match the user attributes in AWS to those shown on the e6data SSO page.
Click Next
Under IdP Configuration, click Choose File & upload the IAM Identity Center SAML metadata file previously downloaded from AWS IAM Console in step 6.
Click Save
Users can now log in to e6data using AWS SSO.
Login via AWS SSO
Users can log in by:
Clicking the Single Sign-On (SSO) button in the e6data platform.
Using the AWS access portal
SuperAdmin will be able to log in using both SSO and username/password authentication.
Add Users to e6data via AWS SSO
Please follow this guide from AWS to add users to the custom SAML 2.0 application created during SSO setup.
Once a user is added they will be able to log in via AWS SSO.
By default, new users are assigned the Viewer role (least privilege). The SuperAdmin or AccessAdmin should change the user's role after the first login.
Remove Users from e6data via AWS SSO
Please follow this guide from AWS to remove user access to the custom SAML 2.0 application created during SSO setup.
Disable SSO
Navigate to Access Control > SSO from the left side menu.
Toggle Integrate SSO to the disabled position.
Important: When SSO is disabled, each user added using SSO will need to reset their password.
Last updated