SAML Authentication for an OpenSearch Domain in a VPC

Posted on 2025-01-29 03:31:34 · Word count 216 · 3 views · 0 comments

I have deployed an AWS OpenSearch cluster in a private subnet inside a VPC. Also, I can access the same with a proxy server in a public subnet with its public IP.
There are multiple docs for accessing OpenSearch Dashboards with a proxy and the AWS Cognito service. But I want to set up SAML for public access. The documentation isn't clear enough for this use case.

Is there a way we can set up SAML authentication for an OpenSearch domain with a proxy server, with Azure as the identity provider?

Comments (1)

帅哥哥的热头脑 2025-02-05 03:31:34

I wanted to do this with AWS's own SSO solution, which also supports SAML authentication. However, I came across this note in the documentation, which seems relevant.

You can't change the SSO URL from its service-provided value, so SAML authentication for OpenSearch Dashboards does not support proxy servers.

https://docs.aws.amazon.com/opensearch-service/latest/developerguide/saml.html

Sadly it seems that, for now, you would either have to make the OpenSearch Domain public, use AWS Cognito, or stick with basic authentication for OpenSearch.
