Giter VIP home page Giter VIP logo

Comments (4)

ChrisPates avatar ChrisPates commented on August 16, 2024 1

This issue was addressed in v2.0 of SSOSync.

from ssosync.

hazelguo avatar hazelguo commented on August 16, 2024

Same problem! any update or workaround?

from ssosync.

hadrianbs avatar hadrianbs commented on August 16, 2024

@hazelguo ended forking and modified the AWS SSO user creation part. I added a check before creating the user on AWS SSO side, if the user already exist, then it will skip the user creation.
This causes a lot more API calls to AWS SCIM API, but solves the 409 conflict problem.
I'm planning to open a PR to address this issue when I got the time, hopefully soon.

from ssosync.

christiangda avatar christiangda commented on August 16, 2024

@hadrianbs @hazelguo there is no way to mitigate this using this program (at least without a big refactoring) and this is one of the reasons that motivate me to find a different alternative.

Since some time ago I have been working on a new approach of the sync, today I have been tested my last code in the devel branch here https://github.com/slashdevops/idp-scim-sync/tree/develop. I will deliver the version v0.0.1 soon, as soon I write some documentation.

for the new approach, I'm using the same method that terraform use, an state file to avoid the use of the AWS SSO SCIM API calls after the first sync. What I mean is, once the first sync occurs, the following sync only compare changes with this state file stored in AWS S3 with mean only one AWS S3 API call to get all the data, and once the comparison exists with the fresh data coming from GWS the program only perform a specific call to AWS SSO SCIM API with the differences.

If you want to see what this is about, check the images files here https://github.com/slashdevops/idp-scim-sync/tree/develop/docs/images/demo I created these today.

WARNING: if do you want to test it, just clone the project and use the develop branch execute make command.

then ./build/idpscim --help

./build/idpscim --help

Sync your Google Workspace Groups and Users to AWS Single Sing-On using
AWS SSO SCIM API (https://docs.aws.amazon.com/singlesignon/latest/developerguide/what-is-scim.html).

Usage:
  idpscim [flags]

Flags:
  -k, --aws-s3-bucket-key string          AWS S3 Bucket key to store the state
  -b, --aws-s3-bucket-name string         AWS S3 Bucket name to store the state
  -t, --aws-scim-access-token string      AWS SSO SCIM API Access Token
  -e, --aws-scim-endpoint string          AWS SSO SCIM API Endpoint
  -d, --debug                             fast way to set the log-level to debug
  -s, --gws-service-account-file string   path to Google Workspace service account file (default "credentials.json")
  -u, --gws-user-email string             Google Workspace user email with allowed access to the Google Workspace Service Account
  -h, --help                              help for idpscim
  -f, --log-format string                 set the log format (default "text")
  -l, --log-level string                  set the log level [panic|fatal|error|warn|info|debug|trace] (default "info")
  -q, --query-groups strings              Google Workspace Groups query parameter, example: --query-groups 'name:Admin* email:admin*' --query-groups 'name:Power* email:power*', see: https://developers.google.com/admin-sdk/directory/v1/guides/search-groups
  -r, --query-users strings               Google Workspace Users query parameter, example: --query-users 'name:Admin* email:admin*' --query-users 'name:Power* email:power*', see: https://developers.google.com/admin-sdk/directory/v1/guides/search-users
  -n, --state-enabled                     enable state
  -m, --sync-method string                Sync method to use [groups] (default "groups")
  -v, --version                           version for idpscim

from ssosync.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.