On the Home page, click Applications > Select a Cluster > New Application > SAML2 Service Provider Application.
Specify the following details:
Provider Type: Select Amazon Web Services.
By default, the Metadata Text source is selected and Text is pre-filled with the metadata XML.
Name: Specify a name for the provider and click Next.
Role ARN: Specify the role ARN. For example, arn:aws:iam::625143326143:role/MyAdmin
Trusted SAML Provider ARN: Specify the trusted SAML provider ARN. For example, arn:aws:iam::625143326143:saml-provider/idp1
To fetch ARN values, see Enabling Web Single Sign-On in the AWS Console.
NOTE: Role ARN and Trusted SAML Provider ARN are used to create the attribute mapping. If you have configured multiple roles in AWS, you can add any Role ARN while creating a service provider. To modify the attribute set, see Re-Mapping Attribute Sets.
Click Next, and review the metadata certificates.
Click Save, then update Identity Server.
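A mistyped or swapped value in the Role ARN and Trusted SAML Provider ARN fields only surfaces later as a failed sign-in at AWS, so it helps to check both before saving. The following is an added example, not part of the product or its documentation: the function names are hypothetical, the account ID is constructed, and the output is the comma-separated pair AWS expects in the `https://aws.amazon.com/SAML/Attributes/Role` attribute.

```python
import re

# IAM is a global service, so the region field between "iam" and the
# account ID is empty: arn:aws:iam::<account-id>:<type>/<name>
ARN_RE = re.compile(
    r"^arn:(?P<partition>aws|aws-cn|aws-us-gov):iam:(?P<region>[^:]*):"
    r"(?P<account>[^:]*):(?P<rtype>[^/]+)/(?P<name>.+)$"
)


def check_iam_arn(arn, expected_type):
    """Return a list of problems with an IAM ARN (empty list: looks valid)."""
    m = ARN_RE.match(arn.strip())
    if not m:
        return ["not of the form arn:aws:iam::<account-id>:<type>/<name>"]
    problems = []
    if m["region"]:
        problems.append("region field must be empty for IAM")
    if not re.fullmatch(r"\d{12}", m["account"]):
        problems.append("account ID must be exactly 12 digits")
    if m["rtype"] != expected_type:
        problems.append(
            f"expected resource type {expected_type!r}, got {m['rtype']!r}"
        )
    return problems


def build_role_attribute(role_arn, provider_arn):
    """Validate both ARNs and return the SAML Role attribute value for AWS."""
    problems = [f"Role ARN: {p}" for p in check_iam_arn(role_arn, "role")]
    problems += [
        f"Trusted SAML Provider ARN: {p}"
        for p in check_iam_arn(provider_arn, "saml-provider")
    ]
    if problems:
        raise ValueError("; ".join(problems))
    return f"{role_arn.strip()},{provider_arn.strip()}"


if __name__ == "__main__":
    # Constructed sample values; replace with the ARNs from your AWS console.
    role = "arn:aws:iam::123456789012:role/MyAdmin"
    provider = "arn:aws:iam::123456789012:saml-provider/idp1"
    print(build_role_attribute(role, provider))
```
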