Browser SAML credentials
Browser SAML is a generic authentication plugin that can work with SAML-based identity providers and supports multi-factor authentication.
Credentials provider
The credentials provider that will be used to authenticate requests to AWS. Set
the value of this parameter to BrowserSaml
.
Parameter name | Alias | Parameter type | Default value | Value to use |
---|---|---|---|---|
CredentialsProvider | AWSCredentialsProviderClass (deprecated) | Required | none | BrowserSaml |
Single sign-on login URL
The single sign-on URL for your application on the SAML-based identity provider.
Parameter name | Alias | Parameter type | Default value |
---|---|---|---|
SsoLoginUrl | login_url (deprecated) | Required | none |
Listen port
The port number that is used to listen for the SAML response. This value should
match the URL with which you configured the SAML-based identity provider (for
example, http://localhost:7890/athena
).
Parameter name | Alias | Parameter type | Default value |
---|---|---|---|
ListenPort | listen_port (deprecated) | Optional | 7890 |
Identity provider response timeout
The duration, in seconds, before the driver stops waiting for the SAML response from Azure AD.
Parameter name | Alias | Parameter type | Default value |
---|---|---|---|
IdpResponseTimeout | idp_response_timeout (deprecated) | Optional | 120 |
Preferred role
The Amazon Resource Name (ARN) of the role to assume. For information about ARN roles, see AssumeRole in the AWS Security Token Service API Reference.
Parameter name | Alias | Parameter type | Default value |
---|---|---|---|
PreferredRole | preferred_role (deprecated) | Optional | none |
Role session duration
The duration, in seconds, of the role session. For more information, see AssumeRole in the AWS Security Token Service API Reference.
Parameter name | Alias | Parameter type | Default value |
---|---|---|---|
RoleSessionDuration | Duration (deprecated) | Optional | 3600 |
Lake Formation enabled
Specifies whether to use the AssumeDecoratedRoleWithSAML Lake Formation API action to retrieve temporary IAM credentials instead of the AssumeRoleWithSAML AWS STS API action.
Parameter name | Alias | Parameter type | Default value |
---|---|---|---|
LakeFormationEnabled | none | Optional | FALSE |