Logz.io offers a quick integration for SSO with AWS.

To set up single sign-on for AWS

Request SSO access from Logz.io

Only account admins can request single sign-on access for their accounts.

To set up your AWS SSO, you’ll first need to email help@logz.io and write that you want to set up AWS SAML SSO for Logz.io.

Include these items in the message:

The Support team will respond with the connection information needed to set up your AWS SSO.

Set a custom SAML app in AWS

Log into your AWS SSO dashboard.

Click on Applications located on the left-hand menu. Then, click on Add a new application > Add a custom SAML application.

Create SAML app

Name your application and give it a short description. Then, download the AWS SSO certificate.

Download certificate

Under Application properties, enter the Application start URL given to you by Logz.io, and set the Session duration to 12 hours.

Download certificate

Next, in Application metadata, click on the link located underneath the browse button. Enter the ACS URL and Application SAML audience given to you by Logz.io support. You’ll need to paste the Single Sign-on URL to the Application ACS URL, and Audience URI to Application audience.

Set entity ID

Click on the Attribute mappings tab.

Add a new attribute called email and the variable ${user:email}.

To configure groups you’ll need to add another attribute mapping called groups and the variable ${user:groups}.

Read more about attribute mapping for AWS.

Adding attributes

Click on Save changes to create your app.

Send your SAML details to Logz.io

Draft a new email to Support, and include these items:

  • Your zipped SAML Signing Certificate.
  • Your AWS SSO sign-in URL.

SAML details

When Support has received the information and created your AWS + Logz.io connection, you’ll receive confirmation that your AWS SSO is ready to go, and you can start logging in to Logz.io through your AWS account.

Assign users to Logz.io’s SSO connection

In your main SAML application you’ve just created, navigate to the Assigned users tab and click on Assign users. Here you can choose and add all relevant users from your organization who can use your new SSO connection.

Users must also have a Logz.io account to use the new SSO feature.

Assign users