
SAML Federated user to PSQL/MySQL with IAM Authentication and segregated permissions

Open Gunslito opened this issue 9 months ago • 2 comments

Hello,

I would like to ask you a question. I've been looking at documentation on how to set this up, but in the federation, SSO, and IAM Authentication part, I couldn't find the exact process.

I'm using Cloudbeaver AWS Edition, and I'm specifically connecting to a PostgreSQL database.

In the database, I'm using IAM Authentication, and I want to use AWS SAML federation to connect the federated user with the database user of the same name, and prevent them from connecting with a user of a different name.

For example:

[email protected] is federated through AWS IAM Identity Center to Cloudbeaver, connecting to the db-psql-1 as the user [email protected]. The role/permission set/etc. should not allow the user [email protected] to connect with a different user.

How can I achieve this?

An IAM/role/user policy or permission set would be very helpful in the documentation.

Gunslito, May 14 '24 00:05