Hello,
We have Google SSO configured with SAML. Does anyone know if there is a way to automatically partition users into user groups for QS from Google Workspace? If not, is there a better way of doing this than in the console?
Hi @dspringer,
Check out this prior post that discusses something similar; to my understanding, there is currently not an out of the box option to easily auto-assign users.
However, I will go ahead and tag this as a feature request to promote visibility to the support team.
@dspringer unfortunately I never really found a solution for it. I’ve thought about writing an app or something to do this via a cron job, but there would almost certainly be a delay. Let me know if you come up with any ideas.
Hi @particlepat ,
Unfortunately that is a limitation today of using IAM federation per our documentation IAM federation - Amazon Quick Suite (IAM identity federation doesn’t support syncing identity provider groups with Amazon Quick Suite.)
As @Brett pointed out in the other post, running a script and leveraging Quick Suite APIs to place the user into the group after they’re provisioned would be one approach. Another, if possible, is to use Identity Center (integrated with your external SAML provider) which does support automatic group syncing.
I am marking this reply as, “Solution,” but let us know if this is not resolved. Thanks for posting your questions on the Quick Suite Community Q&A Forum!