The SAML provider that you create with this operation can be used as a principal in a role's trust policy to establish a trust relationship between AWS and a SAML identity provider. You can create an IAM role that supports Web-based single sign-on (SSO) to the AWS Management Console or one that supports API access to AWS.
When you create the SAML provider, you upload an a SAML metadata document that you get from your IdP and that includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.
For more information, see Enabling SAML 2.0 Federated Users to Access the AWS Management Console and About SAML 2.0-based Federation in the IAM User Guide.
Version: (assembly version)
public abstract CreateSAMLProviderResponse CreateSAMLProvider( CreateSAMLProviderRequest request )
Container for the necessary parameters to execute the CreateSAMLProvider service method.
|EntityAlreadyExistsException||The request was rejected because it attempted to create a resource that already exists.|
|InvalidInputException||The request was rejected because an invalid or out-of-range value was supplied for an input parameter.|
|LimitExceededException||The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.|
|ServiceFailureException||The request processing has failed because of an unknown error, exception or failure.|
Supported in: 4.5, 4.0, 3.5