que: Implementing the new indentitystore APIs?

[sonrai-doyle]

trafficstars

Amazon just announced new APIs to manage SSO users and groups, I'm hoping to get a first impression if there's any interest in migrating to them?

https://aws.amazon.com/blogs/security/announcing-new-aws-iam-identity-center-apis-to-manage-users-and-groups-at-scale/

https://docs.aws.amazon.com/sdk-for-go/api/service/identitystore/

[christiangda]

hi @sonrai-doyle I tried this before but it has the same limits as SSO API (50 users and groups)

but looks like now they support the pagination of the users and groups https://github.com/aws/aws-sdk/issues/109

I will check the Go SDK to be sure supports a wildcard "*" filter or something to retrieve the entities

here my example in the thread https://github.com/aws/aws-sdk/issues/109#issuecomment-1059389915

[christiangda]

This new API /https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/identitystore#pkg-overview) support all the operations I need to deprecate the AWS SSO SCIM API (https://docs.aws.amazon.com/singlesignon/latest/developerguide/supported-apis.html), So I will work in creating a new big release with these changes

[sonrai-doyle]

I wanted to follow up that I've become aware of an AWS supported method for integrating AWS SSO with Google Workspace. I am going to try it out and see if it provides the same features as this project.

https://docs.aws.amazon.com/singlesignon/latest/userguide/google-idp.html