This solution establishes a Lambda function to oversee Ad-Group Sync Filters within the AWS IAM Identity Center (the successor to AWS SSO). Using LDAPS as the source, it synchronises designated groups with your AWS IAM Identity Center. The Lambda works autonomously, automatically generating documentation and sending notifications to Microsoft Teams.
Authors |
---|
David Krohn LinkedIn - Blog |
Marcell Jobs |
The configuration parameters of this solution are stored in value files. You can find an example in 'values/sandbox'. To securely store the password and username used as LDAPS login credentials, we use [cdk-sops](https://github.com/dbsystel/cdk-sops-secrets). Please make sure to encrypt your SecretFile and adjust the values before deploying.
- Open shell
- Adjust parameters in value files
- Add your KMS key to sops.yaml
- Encrypt SecretFile via `sops -e <filename>`
- Execute command: `assume <accountname>`
- Execute command: `cdk deploy <stackname>`
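
A pre-deploy check for the encryption step above, as an added example that is not part of this project's code: it walks a parsed SOPS document and reports any value that is still plaintext, so an unencrypted SecretFile is caught before `cdk deploy`. It assumes a JSON-format SecretFile and default SOPS settings (metadata under a top-level `sops` key, keys ending in `_unencrypted` left in clear on purpose); the key names and sample values are constructed.

```python
import json
import sys

ENC_PREFIX = "ENC[AES256_GCM,"       # prefix of every SOPS-encrypted value
UNENCRYPTED_SUFFIX = "_unencrypted"  # SOPS default: such keys stay plaintext on purpose

def plaintext_leaves(node, path=""):
    """Yield the path of each non-empty leaf that is not SOPS ciphertext."""
    if isinstance(node, dict):
        for key, value in node.items():
            if not key.endswith(UNENCRYPTED_SUFFIX):
                yield from plaintext_leaves(value, f"{path}/{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from plaintext_leaves(value, f"{path}/{i}")
    elif node in (None, ""):
        return  # empty values hold no secret
    elif not (isinstance(node, str) and node.startswith(ENC_PREFIX) and node.endswith("]")):
        yield path

def check_sops_document(doc):
    """Return a list of problems; an empty list means the file looks encrypted."""
    meta = doc.get("sops") if isinstance(doc, dict) else None
    if not isinstance(meta, dict):
        return ["no 'sops' metadata block: file was never encrypted"]
    problems = []
    if not meta.get("kms"):
        problems.append("no KMS key recorded in sops metadata")
    if not str(meta.get("mac", "")).startswith(ENC_PREFIX):
        problems.append("missing or plaintext MAC")
    body = {k: v for k, v in doc.items() if k != "sops"}
    return problems + [f"plaintext value at {p}" for p in plaintext_leaves(body)]

# Constructed samples (not real ciphertext); key names and ARN are placeholders.
ENC = "ENC[AES256_GCM,data:c2FtcGxl,iv:c2FtcGxl,tag:c2FtcGxl,type:str]"
SAMPLE_OK = {"username": ENC, "password": ENC,
             "sops": {"kms": [{"arn": "arn:aws:kms:REGION:ACCOUNT:key/PLACEHOLDER"}], "mac": ENC}}
SAMPLE_LEAK = dict(SAMPLE_OK, password="hunter2")
SAMPLE_RAW = {"username": "svc-ldap", "password": "hunter2"}

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_sops.py <secretfile.json>")
    with open(sys.argv[1]) as fh:
        issues = check_sops_document(json.load(fh))
    print("\n".join(issues) or "looks encrypted")
    sys.exit(1 if issues else 0)
```

The non-zero exit status on any finding lets the check gate the deploy step in a script or CI job.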