We are going to add some attributes into scim2-schema-extension.config, but we can't find list of available data types for this config.
In the config we have found some types: boolean, string, complex, datetime. What other data types can be used?
You can use one of the data types defined in SCIM specification: https://www.rfc-editor.org/rfc/rfc7643.html#section-2.3
Related
I want to send custom attribute values along with message in the SQS queue. I've come across MessageAttributeValue and MessageSystemAttributeValue. Both have almost same definition in AWS documentation.
What's the difference between them?
MessageAttributeValue documentation
MessageSystemAttributeValue documentation
The difference is on the use:
Message attribute: You can use message attributes to attach custom metadata to Amazon SQS messages for your applications.
Message system attribute: You can use message system attributes to store metadata for other Amazon services (currently, the only supported message system attribute is AWSTraceHeader. And its value must be a correctly formatted Amazon X-Ray trace header string).
MessageAttributes are normal attributes of a message. MessageSystemAttributes are special attributes, and there is only one of those:
Currently, the only supported message system attribute is AWSTraceHeader. Its type must be String and its value must be a correctly formatted AWS X-Ray trace header string.
Which is what you get when you look at the actual usage of the data type within the documentation instead of just looking at the raw data type itself, e.g.: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html
I am trying to use the AWS SSO SCIM API in order to retrieve the AWS SSO groups for a particular user.
Looking at the documentation https://docs.aws.amazon.com/singlesignon/latest/developerguide/listgroups.html
It mentions the following
To see group info for a certain member, call ListGroup with a member filter
If you're using the member filter, you have to use the id filter (refer to supported filter combinations).
It appears that the id filter, is the group ID, because of this note: Note that the use of id as an individual filter, while valid, should be avoided as there is already a getGroup endpoint available.
Also, at https://docs.aws.amazon.com/singlesignon/latest/developerguide/limitations.html next to the members attribute it mentions that it is supported, but cannot be read in a response.
I have been playing with the API but could not get any group info for a user regardless of the combination of the parameters.
Based on the above, I conclude that the API does not support retrieving group data for a user. Would you agree?
I don't have access to an AWS SSO SCIM endpoint, but from looking at the documentation I suspect one of the two approaches may be possible:
GET /users/id and look at the value for "groups" - this one seems questionable as the limitations page says they support the user resource's "groups" attribute, but there's also a note about not supporting multi-valued user attributes. You may need to explicitly add the ?attributes=groups parameter to your GET to ask for that attribute to be returned, if it is in fact supported.
GET /groups?filter=members[value eq "userId"] or some variation of that depending on what syntax they allow. This isn't listed as supported, but if it works, I expect that you would get a list of groups in response that did not contain the "members" attribute - but that each group returned would match the query.
There's some amount of uncertainty with both of these, but with the information available those seem like the two most likely paths to successfully accomplish what you are aiming for. If neither of those work, it may not be possible - but a support case with AWS would probably be helpful to confirm there.
As #ZollnerdMSFT recommended, I raised an AWS support request. AWS support responded that the AWS SSO SCIM API does not support retrieving the groups associated with a user. They have submitted this as a feature request internally, however, cannot provide an estimate as to when it will be implemented.
I am getting a value returned by hitting a HTTP endpoint which I am storing in a column. Now a want to trigger another Http Endpoint with the value in the column. But the HTTP endpoint takes hardcoded values or macros only. So I want to know if I can set a run-time argrument based on the column value
Please suggest How I can do this.
There are few ways of setting runtime arguments:
Using Argument Setter Plugin - type of Action plugin that allows one to create reusable pipelines by dynamically substituting the configurations that can be served by an HTTP Server.
Specifying runtime arguments as a JSON map in the request body, when starting an program.
CDAP Preferences HTTP RESTful API.
I recommend you check the official documentation for Datafusion, where you can find a way of setting variables/macros using the GCS bucket.
Additionally, have a look at the following thread on SO. It describes the method with specifying runtime arguments as a JSON map in the request body.
I am trying to retrieve internal attributes from openldap server. More specifically I need to retrieve entryUUID attribute of an object. In LDAP, objectGUID is being fetched from server but couldn't retrieve similar field from openldap.
SCOPE_SUBTREE is being used to retrieve attributes.
Anyone knows way out? Thanks in advance.
It was probably downvoted because it is recommended to use this attribute as a means of uniquely identifying an entry. For example,
"'entryUUID' operational
attribute and associated matching rules and syntax. The attribute
holds a server-assigned Universally Unique Identifier (UUID) for the
object. Directory clients may use this attribute to distinguish
objects identified by a distinguished name or to locate an object
after renaming."
from the offical Open Ldap documentation.
Internal or operational attributes can be requested using '+', which will return operational attributes for a Ldap entry including the entryuuid.
It's an operational attribute, so you have to request it explicitly, or include "+" in the attributes to be returned.
However you should not be using this for your own purposes. It's none of your business. It can change across backup/restore, for example.
I took a look through the documentation, but couldn't find it. Can anybody who has used the service answer this?
DynamoDB objects' attributes can be int, string, int set or string set.
JSONP is string representing a javascript code that can be parsed.
What is the use you intend for it? What object are you going to store?
Are you invoking an AJAX call to the dynamodb api to retrieve an element and you want that element to follow JSONP pattern? or you wish to call DynamoDB in your server (perhaps using a servlet) and prepare a JSONP object to be sent to the client