Skip to content

iam: SamlConsolePrincipal does not work in China #22091

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
ganhuang opened this issue Sep 17, 2022 · 2 comments · Fixed by #24034
Closed

iam: SamlConsolePrincipal does not work in China #22091

ganhuang opened this issue Sep 17, 2022 · 2 comments · Fixed by #24034
Labels
@aws-cdk/aws-iam Related to AWS Identity and Access Management bug This issue is a bug. effort/small Small work item – less than a day of effort p1

Comments

@ganhuang
Copy link

Describe the bug

While creating the SAML federation principal as below, the SAML attribute is hardcoded with https://signin.aws.amazon.com/saml, which breaks in aws-cn partition since the SAML attribute should be changed to https://signin.amazonaws.cn/saml in AWS CN partition.

  const principal = new iam.SamlConsolePrincipal(provider);

Expected Behavior

The construct SamlConsolePrincipal should allow to customize the SAML attribute for this case. This could be an option to change it.

Current Behavior

Currently it's hardcoded and can't be customized while using the construct.

Reproduction Steps

  const principal = new iam.SamlConsolePrincipal(provider);

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.39.0

Framework Version

No response

Node.js Version

v16.16.0

OS

Mac

Language

Typescript

Language Version

No response

Other information

No response
@ganhuang ganhuang added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Sep 17, 2022
@github-actions github-actions bot added the @aws-cdk/aws-iam Related to AWS Identity and Access Management label Sep 17, 2022
@rix0rrr rix0rrr changed the title (aws_cdk/aws_iam): (Hardcoded SAML attribute breaks aws-cn partition for SamlConsolePrincipal) iam: SamlConsolePrincipal does not work in China Sep 19, 2022
@rix0rrr
Copy link
Contributor

rix0rrr commented Sep 19, 2022

Looks like this information needs to be encoded into region-info.

@rix0rrr rix0rrr added effort/small Small work item – less than a day of effort p1 and removed needs-triage This issue or PR still needs to be triaged. labels Sep 19, 2022
@rix0rrr rix0rrr removed their assignment Sep 19, 2022
zorrofox added a commit to zorrofox/aws-cdk that referenced this issue Feb 6, 2023
@zorrofox
fix iam: SamlConsolePrincipal does not work in China aws#22091
3558291
@zorrofox zorrofox mentioned this issue Feb 6, 2023
Merged
@mergify mergify bot closed this as completed in #24034 Feb 10, 2023
mergify bot pushed a commit that referenced this issue Feb 10, 2023
@zorrofox
fix(iam): SamlConsolePrincipal does not work in China #22091 (#24034)
2902043 
Support SamlConsolePrincipal for China and GOV partitions.

Closes #22091.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link
Contributor

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@nagmesh nagmesh mentioned this issue May 24, 2023
Closed
@filletofish filletofish mentioned this issue Jul 2, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-iam Related to AWS Identity and Access Management bug This issue is a bug. effort/small Small work item – less than a day of effort p1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(iam): SamlConsolePrincipal does not work in China #22091 zorrofox/aws-cdk
2 participants
@rix0rrr @ganhuang