CloudWatch Dashboard Sharing

Initial Setup

Set up SSO for CloudWatch dashboard sharing
1. When setting Identity Providers on the Cognito User Pool, choose SAML
2. When prompted for a Metadata document
  1. Upload the IdP Metadata from SAML.to for your User or Organization
3. When prompted for the Provider name
  1. Input saml-to
In Dashboard Sharing, select saml-to as the Identity Provider
Go to the desired Dashboard in CloudWatch
1. Click Actions then Share Dashboard
2. Under Share all your account’s CloudWatch dashboards using single sign-on (SSO)
  1. Under Resources
    Make note of the Sharable Link (e.g. https://cloudwatch.amazonaws.com/dashboard.html?...)
    Navigate to the Cognito UserPoolIdentityProvider
    Make note of the User Pool ID (e.g. us-east-1_Q046sC47y)
    Under Make note of the Cognito Domain (e.g. https://cw-db-580360238192.auth.us-east-1.amazoncognito.com)
Edit saml-to.yml in your configured repository and make the following changes:

providers:
  ...
  my-dashboard:
    loginUrl: 'YOUR_DASHBOARD_SHAREABLE_LINK'
    entityId: 'urn:amazon:cognito:sp:YOUR_USER_POOL_ID'
    acsUrl: 'YOUR_COGNITO_DOMAIN/saml2/idpresponse'
    nameIdFormat: email
  ...
permissions:
  ...
  my-dashboard:
    users:
      github:
        - YOUR_GITHUB_USER_ID
        - ANOTHER_GITHUB_USER_ID

Replace YOUR_DASHBOARD_SHAREABLE_LINK with the Shareable Link above
Replace YOUR_USER_POOL_ID with the User Pool ID above
Replace YOUR_COGNITO_DOMAIN with the Cognito Domain above
Replace YOUR_GITHUB_USER_ID with your GitHub Login
- Add other GitHub users as-needed!

Opening the Dashboard

After installing the SAML.to CLI, run the following command:

saml-to login my-dashboard

Which will open a browser window to the dashboard!

PreviousAWS

Last updated 3 years ago