AWS::Grafana::Workspace SamlConfiguration

A structure containing information about how this workspace works with SAML.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "AllowedOrganizations" : [ String, ... ],
  "AssertionAttributes" : AssertionAttributes,
  "IdpMetadata" : IdpMetadata,
  "LoginValidityDuration" : Number,
  "RoleValues" : RoleValues
}

YAML

  AllowedOrganizations: 
    - String
  AssertionAttributes: 
    AssertionAttributes
  IdpMetadata: 
    IdpMetadata
  LoginValidityDuration: Number
  RoleValues: 
    RoleValues

Properties

AllowedOrganizations

Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.

Required: No

Type: Array of String

Minimum: 1

Maximum: 256

Update requires: No interruption

AssertionAttributes

A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.

Required: No

Type: AssertionAttributes

Update requires: No interruption

IdpMetadata

A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.

Required: Yes

Type: IdpMetadata

Update requires: No interruption

LoginValidityDuration

How long a sign-on session by a SAML user is valid, before the user has to sign on again.

Required: No

Type: Number

Update requires: No interruption

RoleValues

A structure containing arrays that map group names in the SAML assertion to the Grafana Admin and Editor roles in the workspace.

Required: No

Type: RoleValues

Update requires: No interruption