Drupal AWS SSO Integration will allow you to configure Single Sign-On ( SSO ) login between your Drupal site and AWS. Drupal as IdP SAML SSO module acts as a SAML 2.0 Identity Provider which can be configured to establish the trust between the module and AWS as Service Provider (SP) to securely authenticate users using Drupal credentials.
This Drupal AWS SSO setup will also help you to manage your users in one single place. We provide the Drupal SAML Identity Provider module for Drupal 7, Drupal 8, and Drupal 9. Here, we will go through a step-by-step guide to configure SAML IDP SSO login between the Drupal website as IDP ( Identity Provider ) and AWS as SP ( Service Provider ).
If you have any doubts or queries, you can contact us at email@example.com. We will help you to configure the module. We will help you to configure the module. If you want, we can also schedule an online meeting to help you configure the Drupal SAML SSO module
Note: Premium Version is required to set up SSO to AWS.
Step 1: Configure AWS as Service Provider
- Login to your Amazon Web Services (AWS) Console as an admin.
- Click on Services Tab. Under Security, Identity & Compliances click on IAM (Identity and Access Management).
- From the left-hand side list, click on Identity Providers and then click on Create Provider button in the right section.
- In the Configure Provider, select SAML as Provider type from the drop-down list and enter any Provider Name. (e.g miniOrange/Drupal)
- Go to the Drupal SAML IDP Module and download metadata file from IDP Metadata tab.
- Click on Choose File and choose the metadata file that you have downloaded from above step, then click on Next Step.
- In the next screen, you will be shown your entered provider information. Verify it and click on the Create button. The SAML Provider is created and it should be listed in the Provider table.
- Now click on Roles from the left-hand side list and then click on Create role button and click on SAML 2.0 federation tab.
- Under Choose SAML 2.0 Provider, select the SAML Provider that you have created previously i.e miniOrange.
- After that, choose Allow programmatic access only radio option and select SAML:aud option from the Attribute drop-down list.
- Enter the value as https://signin.aws.amazon.com/saml then, click on Next: Permissions button.
- Check the Policy Name AmazonEC2ReadOnlyAccess and click on Next: Tags button.
- Then, skip Step Add Tags (Optional) by clicking on Next:Preview button.
- In the next step, enter Role name and click on Create Role button then select your created role name.
- In the Summary section, click on the Trusted relationship tab and copy Role ARN and Trusted Entities value.
- Keep the values with you in comma separated format. For example- [arn:aws:iam::656620318436:role/SSORole,arn:aws:iam::656620318436:saml-provider/miniOrange]
Step 2: Configure Drupal as Identity Provider
- Go to Drupal IDP Module Dashboard and click on Service Provider Setup tab.
- Enter the following information into the corresponding fields. Click on Save button.
|Service Provider Name
|SP Entity ID or Issuer
||You can get the SP Entity ID or Issuer from the metadata (https://signin.aws.amazon.com/static/saml-metadata.xml). You will find
the value in the first line against entityID. It is set to urn:amazon:webservices but may vary for non-US regions.
|| https://signin.aws.amazon.com/saml. This might vary for non-US regions in which case you would find it in metadata ( https://signin.aws.amazon.com/static/saml-metadata.xml) as Location attribute of AssertionConsumerService.
|| Check to sign the SAML Assertion.
If you don't find what you are looking for, please contact us at firstname.lastname@example.org or call us at +1 978 658 9387 to find an answer
to your question about Drupal IDP module.