Merge branch '83-onboard-amazon-aws-webservices-sp-for-ecp' into 'master'

Resolve "Onboard Amazon AWS Webservices SP for ECP" Closes #83 See merge request !102

Merge branch '83-onboard-amazon-aws-webservices-sp-for-ecp' into 'master'
caec125d · Ryan Rumbaugh · 46e3c629 · e68c957b · caec125d
Commit caec125d authored 3 years ago by Ryan Rumbaugh
--- a/nefed.xml
+++ b/nefed.xml
@@ -13354,4 +13354,70 @@ KNGked4df0r1o5CozJ35FjKx1fiYucuvGXU+UZd5Yg6sF6MRhQqud32X3eOFJXS/ndm/jGit7B6A
            <EmailAddress>security@nebraska.edu</EmailAddress>
        </ContactPerson>
    </EntityDescriptor>
+    <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="urn:amazon:webservices">
+        <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" WantAssertionsSigned="true">
+        <KeyDescriptor use="signing">
+            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+            <ds:X509Data>
+                <ds:X509Certificate>MIIDbTCCAlWgAwIBAgIEe4K3kjANBgkqhkiG9w0BAQsFADBnMR8wHQYDVQQDExZ1
+    cm46YW1hem9uOndlYnNlcnZpY2VzMSIwIAYDVQQKExlBbWF6b24gV2ViIFNlcnZp
+    Y2VzLCBJbmMuMRMwEQYDVQQIEwpXYXNoaW5ndG9uMQswCQYDVQQGEwJVUzAeFw0y
+    MTA4MDMwMDAwMDBaFw0yMjA4MDMwMDAwMDBaMGcxHzAdBgNVBAMTFnVybjphbWF6
+    b246d2Vic2VydmljZXMxIjAgBgNVBAoTGUFtYXpvbiBXZWIgU2VydmljZXMsIElu
+    Yy4xEzARBgNVBAgTCldhc2hpbmd0b24xCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG
+    9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz0Rf/+N+vGXBNxbK2UNPu4CAVwtjZMPeleX
+    bN03hmwMcJe35QbUhrqzb3NyaTDSy9bbXRdQCcJZlFDfr0QV8KJSzo6wELjW4p55
+    GEyELyyn9AXT7+vdikJiLRHpW1uM+oc4/h/l5j2uZv6rs1Mhz0pmU2TBXCpdOtx4
+    Iy7LYmFYXIbdA8FL0JD+4noOMqBDZ1CcY3+Tfy1BCCA4loP3gCl8nOWt6YIE5tG9
+    /5JPL3hbChX6LpnmS4f+W3oDJ00K/QWaFAy+uuptpFr2Zmn+0OJtTV8iVSD8bPYu
+    s5VHxhRL77Mq6ay5gsOTe8tavSCZghaNfE2Bp0q2R4G6EXcKswIDAQABoyEwHzAd
+    BgNVHQ4EFgQUa7CX0xx6E+LLb3uoKBLbSD2MLjAwDQYJKoZIhvcNAQELBQADggEB
+    ABHyi34eQJcGAiyvGx0XWzvj/5GMu+WYRgHxHcn1odo/Q8kgDLSPRP/k/iyaX2zy
+    Z5TINqHzOc9XIwI+kkM5S2xi+GDXCbW09A/M9obb3deh+8DARO9Y1sU1MkYHN5EW
+    Hx0HTUSiS+6iwbHesV2mFVuK6oHNgbs+TmqOJGLF2EJ8QFFFGLHbDyYDFG6yLyI3
+    zOLWfykoUrKYA5sBAmSma8uAqinwQpfQRnO4ttn/7Nn2vSAg3W/1MUJfVJAoVnOw
+    0x8NfzcSY2TriqbtKvP9JZ7bt3iX0ZxtDFaXa/chYnDhbYbjrzznEOsnAN/QIM/1
+    /mW7VaZ1tSvBOQD82FyTbKo=</ds:X509Certificate>
+            </ds:X509Data>
+            </ds:KeyInfo>
+        </KeyDescriptor>
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</NameIDFormat>
+        <AssertionConsumerService index="1" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://signin.aws.amazon.com/saml"/>
+        <AssertionConsumerService index="2" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://signin.aws.amazon.com/saml"/>
+        <AttributeConsumingService index="1">
+            <ServiceName xml:lang="en">AWS Management Console Single Sign-On</ServiceName>
+            <RequestedAttribute isRequired="true" Name="https://aws.amazon.com/SAML/Attributes/Role" FriendlyName="RoleEntitlement"/>
+            <RequestedAttribute isRequired="true" Name="https://aws.amazon.com/SAML/Attributes/RoleSessionName" FriendlyName="RoleSessionName"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" FriendlyName="eduPersonAffiliation"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.2" FriendlyName="eduPersonNickname"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.3" FriendlyName="eduPersonOrgDN"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.4" FriendlyName="eduPersonOrgUnitDN"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.5" FriendlyName="eduPersonPrimaryAffiliation"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" FriendlyName="eduPersonPrincipalName"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" FriendlyName="eduPersonEntitlement"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.8" FriendlyName="eduPersonPrimaryOrgUnitDN"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" FriendlyName="eduPersonScopedAffiliation"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" FriendlyName="eduPersonTargetedID"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" FriendlyName="eduPersonAssurance"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.2.1.2" FriendlyName="eduOrgHomePageURI"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.2.1.3" FriendlyName="eduOrgIdentityAuthNPolicyURI"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.2.1.4" FriendlyName="eduOrgLegalName"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.2.1.5" FriendlyName="eduOrgSuperiorURI"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:1.3.6.1.4.1.5923.1.2.1.6" FriendlyName="eduOrgWhitePagesURI"/>
+            <RequestedAttribute isRequired="false" Name="urn:oid:2.5.4.3" FriendlyName="cn"/>
+        </AttributeConsumingService>
+        </SPSSODescriptor>
+        <Organization>
+        <OrganizationName xml:lang="en">Amazon Web Services, Inc.</OrganizationName>
+        <OrganizationDisplayName xml:lang="en">AWS</OrganizationDisplayName>
+        <OrganizationURL xml:lang="en">https://aws.amazon.com</OrganizationURL>
+        </Organization>
+    </EntityDescriptor>
 </EntitiesDescriptor>