AWS SAML based User Federation using Keycloak
May 26, 2020
The main agenda is adding a SAML-based identity provider to AWS IAM, and here we are going to do that with the help of Keycloak.
We will be able to log in to the AWS console (AWS acting as the service provider) as a federated user using the IdP-initiated SAML flow: Keycloak authenticates the user, issues a signed SAML assertion that names the IAM role and the SAML provider, and posts it to the AWS sign-in endpoint, which then calls sts:AssumeRoleWithSAML for the chosen role.
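Two pieces of the setup are easy to get subtly wrong: the trust policy of the IAM role (it must allow only sts:AssumeRoleWithSAML from the one SAML provider, with the audience pinned to the AWS sign-in endpoint) and the value Keycloak has to emit in the Role attribute (a role ARN and a provider ARN, comma separated, which is exactly the kind of role name full of colons, slashes and commas that the Keycloak 10.0.1 blocker mentioned below choked on). The following Python is an added example, not code from this post or from Keycloak or AWS; the account id 123456789012 and the provider name Keycloak are hypothetical, and the ARN name character classes it validates against are its own, slightly stricter than IAM's (no commas in names) so the pair is never ambiguous. The audience and attribute-name URLs are the fixed ones AWS documents.

```python
"""Build the IAM trust policy and the SAML Role attribute values that AWS
console federation expects. Added example; hypothetical account/provider names."""
import json
import re

# Fixed identifiers AWS uses for SAML console federation.
AWS_SAML_AUDIENCE = "https://signin.aws.amazon.com/saml"
ROLE_ATTRIBUTE = "https://aws.amazon.com/SAML/Attributes/Role"
ROLE_SESSION_NAME_ATTRIBUTE = "https://aws.amazon.com/SAML/Attributes/RoleSessionName"

# Hypothetical values chosen for this example.
ACCOUNT_ID = "123456789012"
PROVIDER_NAME = "Keycloak"

# This example's own (stricter than IAM) name rules: no commas, so "role,provider" splits cleanly.
_ROLE_ARN = re.compile(r"^arn:aws:iam::(\d{12}):role/[\w+=.@/-]+$")
_PROVIDER_ARN = re.compile(r"^arn:aws:iam::(\d{12}):saml-provider/[\w._-]+$")


def saml_provider_arn(account_id, provider_name):
    return f"arn:aws:iam::{account_id}:saml-provider/{provider_name}"


def role_arn(account_id, role_name):
    return f"arn:aws:iam::{account_id}:role/{role_name}"


def build_trust_policy(account_id, provider_name, audience=AWS_SAML_AUDIENCE):
    """Trust policy for a role that may only be assumed via sts:AssumeRoleWithSAML
    by assertions from this one provider. The SAML:aud condition is the one the IAM
    console itself adds when it creates a SAML role; it restricts the role to
    assertions whose Audience is the AWS sign-in endpoint."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": {"Federated": saml_provider_arn(account_id, provider_name)},
                "Action": "sts:AssumeRoleWithSAML",
                "Condition": {"StringEquals": {"SAML:aud": audience}},
            }
        ],
    }


def role_attribute_value(account_id, role_name, provider_name):
    """One value of the Role attribute Keycloak must emit: '<role ARN>,<provider ARN>'."""
    return f"{role_arn(account_id, role_name)},{saml_provider_arn(account_id, provider_name)}"


def parse_role_attribute(value):
    """Validate one Role attribute value and return (role_arn, provider_arn), or None.
    Accepts the two ARNs in either order, requires exactly one of each, and requires
    both to belong to the same account (an IAM SAML provider is account-scoped)."""
    parts = value.split(",")
    if len(parts) != 2:
        return None
    role = provider = None
    role_acct = provider_acct = None
    for part in parts:
        m = _ROLE_ARN.match(part)
        if m and role is None:
            role, role_acct = part, m.group(1)
            continue
        m = _PROVIDER_ARN.match(part)
        if m and provider is None:
            provider, provider_acct = part, m.group(1)
            continue
        return None  # unrecognised ARN, or a duplicate of a kind already seen
    if role is None or provider is None or role_acct != provider_acct:
        return None
    return role, provider


def assertion_attributes(session_name, account_id, provider_name, role_names):
    """Attribute set the IdP has to put in the assertion: one Role value per
    assumable role plus the RoleSessionName that shows up in CloudTrail."""
    return {
        ROLE_SESSION_NAME_ATTRIBUTE: [session_name],
        ROLE_ATTRIBUTE: [role_attribute_value(account_id, r, provider_name) for r in role_names],
    }


if __name__ == "__main__":
    print(json.dumps(build_trust_policy(ACCOUNT_ID, PROVIDER_NAME), indent=2))
    print(json.dumps(assertion_attributes("alice", ACCOUNT_ID, PROVIDER_NAME, ["Admin", "ReadOnly"]), indent=2))
```

Running it prints the trust policy you would pass to `aws iam create-role --assume-role-policy-document` and the attribute set to compare against what Keycloak actually puts in the assertion (decode the SAMLResponse from the browser POST to check). If a Role value fails `parse_role_attribute`, the console sign-in will fail too, which is a faster way to find a mangled role mapping than reading the AWS error page.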
For recent versions of Keycloak (2023/2024), please follow the other post here.
If you are not a Medium member, use the link here to view it for free.
For OpenID Connect based federation with AWS, check my other story here.
Prerequisites
- You should have a real urge to do federation between an identity provider and AWS using a SAML-based setup.
- Have some knowledge of AWS, AWS IAM, SAML, identity and access management in general, Keycloak, etc.
- Keycloak version 10 or later, already running separately. I used a patchy (hacked as a workaround) Keycloak version 10.0.1 and could not wait for the next release, as there was an important blocker issue: roles with special characters were not allowed in version 10.0.1.
UPDATE: one may try version 10.0.2 or later, as the issue has been resolved in that version. Issue details are here.
Scope
- Configuration setup of Identity Provider on the AWS…