one-observability-demo

Unable to complete SAML auth for AMG as keycloak service is inaccessible through service Load Balancer URL

Open iamsouravin opened this issue 1 year ago • 0 comments

Issue Description:

  1. The IRSA policy for the AWS Load Balancer controller is missing permissions for the AddTags action, which is causing the NLB service association to fail.
  2. The service definition for the keycloak service is using the default configuration for the NLB scheme, leading to an internal load balancer endpoint.
  3. The keycloak version needs to be upgraded.

Solution:

  1. Add missing permissions to the AWS Load Balancer controller IRSA policy.
  2. Add a service annotation to set the service scheme to internet-facing.
  3. Upgrade keycloak version to latest 22.0.1.

iamsouravin, Sep 04 '23 22:09
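
An added example (not part of the issue and not the repository's own manifest) of the service annotation that item 2 of the solution refers to, using the AWS Load Balancer Controller's documented annotations. The service name, namespace, selector label, ports and CIDR are assumptions. Because the change makes the identity provider reachable from the internet, the sketch also restricts source ranges.

```yaml
# Added example: names, namespace, selector, ports and CIDR are assumptions,
# not values taken from the one-observability-demo repository.
apiVersion: v1
kind: Service
metadata:
  name: keycloak                       # assumed service name
  namespace: keycloak                  # assumed namespace
  annotations:
    # Hand the Service to the AWS Load Balancer Controller, which creates an NLB.
    service.beta.kubernetes.io/aws-load-balancer-type: external
    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
    # Without this annotation the controller's default scheme is internal,
    # which is the unreachable endpoint described in the issue.
    service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
spec:
  type: LoadBalancer
  # Limit which clients can reach the now public login endpoint.
  loadBalancerSourceRanges:
    - 203.0.113.0/24                   # constructed documentation range; use real client CIDRs
  selector:
    app.kubernetes.io/name: keycloak   # assumed pod label
  ports:
    - name: http
      port: 80                         # assumed listener port
      targetPort: 8080                 # assumed Keycloak container port
```

The controller can only tag and associate the NLB it creates for this Service if its IRSA role allows `elasticloadbalancing:AddTags`, which is the permission item 1 reports as missing.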