Unable to perform multi-stage AWS mappings due to entitlement mappings #66

Open
0xW1sKy opened this issue Jul 6, 2021 · 0 comments

0xW1sKy commented Jul 6, 2021

Problem:

AWS app is configured to assign permissions via "map from onelogin" with match: "AWS - (.*)"

When a user is assigned the "AWS - FOO" role in OneLogin, you then need to click "Reapply Entitlement Mappings" for the SCIM to trigger and create the matching group in AWS SSO.

Our use case is creating the roles named "AWS - FOO" in OneLogin via Terraform (this works great), then using the AWS Terraform Provider to attach a permission set to the SSO Group.

This action fails as nothing triggers the "Reapply Entitlement Mappings" action from the Terraform file, and thus never populates AWS for us to perform a match.

If there is an API endpoint for the reapply, I have not been able to find it, or I'd trigger the call via local-exec and be unblocked.

Wish:
When making updates to user roles via Terraform, entitlement mapping updates would happen automagically.

Let me know what other detail I can provide.
