IAM / Client / update_saml_provider
update_saml_provider#
- IAM.Client.update_saml_provider(**kwargs)#
Updates the metadata document, SAML encryption settings, and private keys for an existing SAML provider. To rotate private keys, add your new private key and then remove the old key in a separate request.
See also: AWS API Documentation
Request Syntax
response = client.update_saml_provider( SAMLMetadataDocument='string', SAMLProviderArn='string', AssertionEncryptionMode='Required'|'Allowed', AddPrivateKey='string', RemovePrivateKey='string' )
- Parameters:
SAMLMetadataDocument (string) – An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer’s name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your IdP.
SAMLProviderArn (string) –
[REQUIRED]
The Amazon Resource Name (ARN) of the SAML provider to update.
For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
AssertionEncryptionMode (string) – Specifies the encryption setting for the SAML provider.
AddPrivateKey (string) – Specifies the new private key from your external identity provider. The private key must be a .pem file that uses AES-GCM or AES-CBC encryption algorithm to decrypt SAML assertions.
RemovePrivateKey (string) – The Key ID of the private key to remove.
- Return type:
dict
- Returns:
Response Syntax
{ 'SAMLProviderArn': 'string' }
Response Structure
(dict) –
Contains the response to a successful UpdateSAMLProvider request.
SAMLProviderArn (string) –
The Amazon Resource Name (ARN) of the SAML provider that was updated.
Exceptions