aws.iam-saml-provider
SAML SSO Provider
We parse the SAML metadata XML document and expose its attributes as resource attributes for use with Custodian's standard value filter.
Filters
json-diff
Compute the diff from the current resource to a previous version.
A resource matches the filter if a diff exists between the current resource and the selected revision.
Uses AWS Config as the resource revision database.
Revisions can be selected by date, against the previous version, and against a locked version (requires use of is-locked filter).
properties:
  selector:
    enum:
    - previous
    - date
    - locked
  selector_value:
    type: string
  type:
    enum:
    - json-diff
required:
- type
Permissions - config:GetResourceConfigHistory
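An added example, not taken from the Cloud Custodian documentation: two policies that use json-diff to flag SAML providers whose current state differs from an earlier revision, so unexpected changes to a federation trust are reported. The policy names and the date are constructed, and the example assumes AWS Config is recording this resource type so that revisions exist.

```yaml
policies:
  # Matches any provider that differs from its previous AWS Config revision.
  - name: iam-saml-provider-changed-since-previous   # hypothetical name
    resource: aws.iam-saml-provider
    filters:
      - type: json-diff
        selector: previous

  # Matches any provider that differs from its revision at a fixed date.
  - name: iam-saml-provider-changed-since-date       # hypothetical name
    resource: aws.iam-saml-provider
    filters:
      - type: json-diff
        selector: date
        selector_value: "2024-01-01"                 # constructed date
```

With no actions defined, matching providers are only written to the policy's output for review.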
Actions
delete
Delete a SAML IAM Identity Provider
For example, to automatically delete a SAML IdP whose Name is unknown-idp:

policies:
  - name: aws-iam-saml-provider-delete
    resource: iam-saml-provider
    filters:
      # Select only the provider with this exact Name.
      - type: value
        key: Name
        value: unknown-idp
    actions:
      # Requires iam:DeleteSAMLProvider.
      - type: delete
properties:
  type:
    enum:
    - delete
required:
- type
Permissions - iam:DeleteSAMLProvider