CloudWatch Dashboard Sharing

Initial Setup

  1. Set up SSO for CloudWatch dashboard sharing

    1. When setting Identity Providers on the Cognito User Pool, choose SAML

    2. When prompted for a Metadata document

      1. Upload the IdP Metadata from SAML.to for your User or Organization

    3. When prompted for the Provider name

      1. Input saml-to

  2. In Dashboard Sharing, select saml-to as the Identity Provider

  3. Go to the desired Dashboard in CloudWatch

    1. Click Actions then Share Dashboard

    2. Under Share all your account’s CloudWatch dashboards using single sign-on (SSO)

      1. Under Resources

        1. Make note of the Sharable Link (e.g. https://cloudwatch.amazonaws.com/dashboard.html?...)

        2. Navigate to the Cognito UserPoolIdentityProvider

          1. Make note of the User Pool ID (e.g. us-east-1_Q046sC47y)

          2. Under Make note of the Cognito Domain (e.g. https://cw-db-580360238192.auth.us-east-1.amazoncognito.com)

  4. Edit saml-to.yml in your configured repository and make the following changes:

providers:
  ...
  my-dashboard:
    loginUrl: 'YOUR_DASHBOARD_SHAREABLE_LINK'
    entityId: 'urn:amazon:cognito:sp:YOUR_USER_POOL_ID'
    acsUrl: 'YOUR_COGNITO_DOMAIN/saml2/idpresponse'
    nameIdFormat: email
  ...
permissions:
  ...
  my-dashboard:
    users:
      github:
        - YOUR_GITHUB_USER_ID
        - ANOTHER_GITHUB_USER_ID

  • Replace YOUR_DASHBOARD_SHAREABLE_LINK with the Shareable Link above

  • Replace YOUR_USER_POOL_ID with the User Pool ID above

  • Replace YOUR_COGNITO_DOMAIN with the Cognito Domain above

  • Replace YOUR_GITHUB_USER_ID with your GitHub Login

    • Add other GitHub users as-needed!

Opening the Dashboard

After installing the SAML.to CLI, run the following command:

saml-to login my-dashboard

Which will open a browser window to the dashboard!

PreviousAWS

Last updated