Configure a GovCloud Account Using IAM Access Keys (SaaS and AMI)

Configure a GovCloud Account Using a Cross-Account Role (AMI only)

AWS Best Practice Report

Onboard Your AWS Account Using the Cost and Usage Report

Onboard Your AWS Account Using the Detailed Billing Report

Create Least Privilege Policies

Create a Cross-Account Role Manually

Enable Tags for Cost Reports

Enable Detailed Billing Reports

Configure the Cost and Usage Report in AWS

Configure the Cost and Usage Report in CloudCheckr

Create a Cross-Account Role Using CloudFormation

Create an IAM User

Create an IAM User Group

Create AWS Credentials Using IAM Access Keys

Create IAM Admin Users and Adding User to Administrator's Group

Create New AWS User & Access Keys – IAM CLI Script

Configure CloudTrail in AWS

Onboard Your Azure Accounts

Configure a CSP Account

Configure an EA Account

Configure an Active Directory or O365 Account

Configure a Subscription Account in Azure

Customize Your CloudCheckr Environment

Configure Your CloudCheckr Reports

View Billing Data for a Single Subscription

Edit Billing Configuration: Pay-as-You-Go Subscriptions

Azure Cost Alerts

Configure Microsoft Azure Cost Alert

Configure Microsoft Azure Costs (Percent) Alert

Configure an EA Overage Cost Alert

Azure Advanced Grouping Report

Azure Alerts

Cost Reports

Inventory Reports

Security Reports

Utilization Reports

Enable Permissions for Azure Cache for Redis (Redis Cache)

Enable Permissions for Web App Backup Data

Enable Permissions for Storage Accounts

What Is a Subscription Family?

Create a Subscription Family in CloudCheckr

Configure a Subscription Family in CloudCheckr

Azure - Generate Invoices

Azure — Reload Usage Report

Azure - Custom Credit Memos

Azure - Reserved Instance Configuration

Azure - Custom Usage Rates

Azure Custom Billing Charges

Azure – Configure Custom Cost

Memory Metrics for Azure

Configure Best Practices Check Notifications

Customize Service Limits Best Practice Checks

Azure Best Practice Report

Create an Account in CloudCheckr

Customize Your App in CloudCheckr

Configure Notifications in CloudCheckr

Create Multi-Account Views in CloudCheckr

Create a User Group in CloudCheckr

CSV Account Upload

Reports

CloudCheckr Alerts

Bookmarks

Create and Modify Custom Dashboards in CloudCheckr

Edit Account Name in CloudCheckr

Set Up Reseller Links for Azure in CloudCheckr

Set Up Reseller Links for AWS in CloudCheckr

Overview of Single Sign-On in CloudCheckr

Configure IdP-Initiated Single Sign-On in CloudCheckr

Configure SP-Initiated Single Sign-On in CloudCheckr

Configure Single Sign-On for AWS in CloudCheckr

Configure Single Sign-On for Azure Active Directory in CloudCheckr

Configure Single Sign-On for Google in CloudCheckr

Configure Single Sign-On for Okta in CloudCheckr

Configure Single Sign-On for OneLogin in CloudCheckr

Configure Single Sign-On for PingOne in CloudCheckr

User Management in CloudCheckr

Create a User in CloudCheckr

Edit a User in CloudCheckr

Configure What Costs Are Visible to a User

User Groups

Use the Access Control List

Select Account Types to Assign to a Group

Edit a User Group

Clone a User Group

Remove a User Group

Integration Configurations

Integration Configurations – Understanding Your Options

Integrate with Amazon SNS

Integrate with Jira

Integrate with PagerDuty

Integrate with ServiceNow

Integrate with Slack

Integrate with Syslog

CloudCheckr Metrics in AppDynamics

Extension for AppDynamics

IP Requests

New Relic Plugin

Datadog Integration with CloudCheckr CMx

CloudCheckr Basics

CloudCheckr Basics: Billing & Cost Management Dashboard

CloudCheckr Basics: Single Month Summary

CloudCheckr Basics: Cost Alerts

CloudCheckr Basics: Cost Savings

Tags (From Detailed Billing)

Search Tags

Lookup Resources

Tagging Rules

Improperly Tagged Resources

Tag Mapping

Cost Allocator

Custom Billing Charges

Add a Percent Discount or Premium for All Custom Billing Charges

Add a Monthly Percent Custom Billing Charge or Credit

Add a Fixed Custom Billing Charge or Credit

Add a Per Usage Hour Custom Billing Charge or Credit

Add a Per Virtual Machine Custom Billing Charge or Credit

Copying Saved Filters

Cost Reporting

Cost Alerts

AWS Advanced Grouping Report

Consolidated Account Reserved Instance Management

List Cost Analysis

AWS Marketplace Product Name Tag Key

Generate Invoices

Enable Payee List Cost

Tagged/Untagged Resource Reporting

Single Day Billing Summary Report

Payee Support Charges

Consolidated Billing Report

Standard Reserved Instance Amortization

Single Month Billing Summary Report

Account Families

Reserved Instance Rebalancer

Analyzing Your AWS Marketplace Charges

Profit Analysis

Reserved Instance Management

Summarization

Reprocess Billing Reports

Spend Analysis

Historical Monthly Summary Report

Analyzing Your Reserved Instance Purchases

Partner Sys Admin Main Features

Custom Fee Based on On Demand Cost

Reserved Instances and EC2 Instance Size Flexibility

CloudCheckr List Cost

Configuring AWS Config Alerts

Billing Cost Changes Reports

Advanced Filtering Report

Cost View Report

Cost Savings

AWS Billing

AWS Partner Tools

Proportional Payee Amortization

Configure Custom Costs

Copy Billing Data (Payees)

Copy Billing Data (Account Families)

Custom Usage Rate

Custom Usage Hourly Rate

Saving Showback Report

Manage AWS Credits in CloudCheckr

AWS: L2 CUR Functionality

Create Custom Memos

AWS Savings Plans

RI Consuming Account Based Allocation

Assign Credits

AWS Config Reports

Enabling AWS Config Reports

Setting Up Aggregate AWS Config Collection in CloudCheckr

CloudTrail Reports

Aggregate CloudTrail Collection in CloudCheckr

Sending CloudTrail Alerts to Lambda Functions

Enabling CloudTrail Reports

VPC Reports

VPC Flow Logs – Connections

VPC Flow Logs – Events

VPC Flow Logs – Setup

VPC Flow Logs – Summary

Total Compliance

Total Compliance Standards and Regulations

CIS Benchmark

CloudTrail Alerts

Security Groups

Security Reporting

Change Monitoring

How To Set Up Resource Alerts in CloudCheckr

Custom Reports

EC2 Reserved Instance Summary Report

IAM Summary Report

Inventory Reporting

Inventory Trending Reports: EC2 Instances

List of IAM Users Report

RDS Reserved Instance Reports

Trending

Using CloudCheckr to See What Is Running in S3

AWS Utilization

How to Set Up a CloudWatch Agent

The EC2 Instance Right Sizing Report

Right-Sizing – How to Configure User Groups and Workflows

Custom Best Practices

Automation

Copy Tags to Volumes

Copy Tags to Volumes: Configure Automation

Copy Tags to Volumes: EC2 Tags

Copy Tags to Volumes: Ignore List

Copy Tags to Volumes: Show History

Get Started with CloudCheckr's Self-Hosted Product

Configure a CPV App for an Azure CSP Commercial Account

Configure a CPV App for an Azure CSP Gov/Germany Account

Compare the AWS Self-Hosted Offerings

End of Support for CloudCheckr AMI

API User Guide

Admin API Reference Guide

API Reference Guide (AWS)

API Reference Guide (Inventory)

API Reference Guide

What's New (SaaS)

What's New (Self-Hosted)

AWS: General

AWS: Assigned Credits

AWS: Cost and Billing

AWS: Monthly Rollover

AWS: Onboarding

AWS: Transition from DBR to CUR

Azure: General

Azure: Azure Plan (CSP)

CloudCheckr: General

CloudCheckr Glossary

Resources

A New CloudCheckr Experience

Intro to CloudCheckr CMx

Overview of Single Sign-On in CloudCheckr CMx

Configure IdP-Initiated Single Sign-On in CloudCheckr CMx

Configure SP-Initiated Single Sign-On in CloudCheckr CMx

Configure Single Sign-On in AWS for CloudCheckr CMx

Configure Single Sign-On for Azure Active Directory in CloudCheckr CMx

Configure Single Sign-On for Google in CloudCheckr CMx

Configure Single Sign-On for Okta in CloudCheckr CMx

Configure Single Sign-On for OneLogin in CloudCheckr CMx

Configure Single Sign-On for PingOne in CloudCheckr CMx

Email Settings in CloudCheckr CMx

Customize Your App in CloudCheckr CMx

Get Started with AWS Control Tower

Home Page in CloudCheckr CMx

Header Bar in CloudCheckr CMx

Left Navigation Pane in CloudCheckr CMx

How To Dock/Undock CloudCheckr CMx Content

Account Switcher in CloudCheckr CMx

Dashboard Pane in CloudCheckr CMx

Settings Menu in CloudCheckr CMx

Account Hierarchy Page in CloudCheckr CMx

Customers in CloudCheckr CMx

Accounts in CloudCheckr CMx

Multi-Account Views in CloudCheckr CMx

Attributes in CloudCheckr CMx

Modify an AWS Account in CloudCheckr CMx

Configure a Google Cloud Account in CloudCheckr CMx

Modify an Azure Account in CloudCheckr CMx

Modify a Google Cloud Account in CloudCheckr CMx

Access Management in CloudCheckr CMx

Users in CloudCheckr CMx

Roles in CloudCheckr CMx

Permission Sets in CloudCheckr CMx

Clients in CloudCheckr CMx

Summary Report in CloudCheckr CMx

Pivot Explorer Report in CloudCheckr CMx

Service Category in CloudCheckr CMx

Configure CloudCheckr CMx API

CloudCheckr CMx Federal

CloudCheckr CMx High Security

CloudCheckr FinanceManager: Frequently Asked Questions

CloudCheckr FinanceManager Specification Sheet

Introduction to CloudCheckr FinanceManager

How to Install CloudCheckr FinanceManager

Install CloudCheckr FinanceManager in On-Premise Data Center

Deploy CloudCheckr FinanceManager from the Azure Marketplace

CloudCheckr FinanceManager Concepts

CloudCheckr FinanceManager: Datadate

CloudCheckr FinanceManager: Datasets

CloudCheckr FinanceManager: Program Directory

CloudCheckr FinanceManager: Home Directory

CloudCheckr FinanceManager: RDFs

CloudCheckr FinanceManager: Services

CloudCheckr FinanceManager: Azure Stack

Introduction to Reports in CloudCheckr FinanceManager

Accounts Report in CloudCheckr FinanceManager

Services Report in CloudCheckr FinanceManager

Summary Report in CloudCheckr FinanceManager

Services Page in CloudCheckr FinanceManager

Rates Page in CloudCheckr FinanceManager

Adjustment Policies in CloudCheckr FinanceManager

Extraction in CloudCheckr FinanceManager

Configure Extractors in CloudCheckr FinanceManager

Integration Templates in CloudCheckr FinanceManager

Script Basics in CloudCheckr FinanceManager

Parslets in CloudCheckr FinanceManager

Language for Extract Statements in CloudCheckr FinanceManager

CloudCheckr FinanceManager Extract Statement: aws_sign_string

CloudCheckr FinanceManager Extract Statement: basename

CloudCheckr FinanceManager Extract Statement: buffer

CloudCheckr FinanceManager Extract Statement: clear

CloudCheckr FinanceManager Extract Statement: csv

CloudCheckr FinanceManager Extract Statement: discard

CloudCheckr FinanceManager Extract Statement: encode

CloudCheckr FinanceManager Extract Statement: encrypt

CloudCheckr FinanceManager Extract Statement: escape

CloudCheckr FinanceManager Extract Statement: exit_loop

CloudCheckr FinanceManager Extract Statement: foreach

CloudCheckr FinanceManager Extract Statement: get_last_day_of

CloudCheckr FinanceManager Extract Statement: gosub

CloudCheckr FinanceManager Extract Statement: hash

CloudCheckr FinanceManager Extract Statement: http

CloudCheckr FinanceManager Extract Statement: if

CloudCheckr FinanceManager Extract Statement: json

CloudCheckr FinanceManager Extract Statement: loglevel

CloudCheckr FinanceManager Extract Statement: loop

CloudCheckr FinanceManager Extract Statement: match

CloudCheckr FinanceManager Extract Statement: pause

CloudCheckr FinanceManager Extract Statement: print

CloudCheckr FinanceManager Extract Statement: return

CloudCheckr FinanceManager Extract Statement: save

CloudCheckr FinanceManager Extract Statement: set

CloudCheckr FinanceManager Extract Statement: subroutine

CloudCheckr FinanceManager Extract Statement: terminate

CloudCheckr FinanceManager Extract Statement: unzip

CloudCheckr FinanceManager Extract Statement: uri

CloudCheckr FinanceManager Extract Statement: var

Transform (Transcript) in CloudCheckr FinanceManager

Configure Transformers in CloudCheckr FinanceManager

Language for Transform Statements in CloudCheckr FinanceManager

CloudCheckr FinanceManager Transform Statement: aggregate

CloudCheckr FinanceManager Transform Statement: append

CloudCheckr FinanceManager Transform Statement: calculate

CloudCheckr FinanceManager Transform Statement: capitalize

CloudCheckr FinanceManager Transform Statement: convert

CloudCheckr FinanceManager Transform Statement: copy

CloudCheckr FinanceManager Transform Statement: correlate

CloudCheckr FinanceManager Transform Statement: create

CloudCheckr FinanceManager Transform Statement: csv

CloudCheckr FinanceManager Transform Statement: default

CloudCheckr FinanceManager Transform Statement: delete

CloudCheckr FinanceManager Transform Statement: export

CloudCheckr FinanceManager Transform Statement: finish

CloudCheckr FinanceManager Transform Statement: if

CloudCheckr FinanceManager Transform Statement: import

CloudCheckr FinanceManager Transform Statement: include

CloudCheckr FinanceManager Transform Statement: lowercase

CloudCheckr FinanceManager Transform Statement: normalize

CloudCheckr FinanceManager Transform Statement: option

CloudCheckr FinanceManager Transform Statement: rename

CloudCheckr FinanceManager Transform Statement: replace

CloudCheckr FinanceManager Transform Statement: round

CloudCheckr FinanceManager Transform Statement: service

CloudCheckr FinanceManager Transform Statement: services

CloudCheckr FinanceManager Transform Statement: set

CloudCheckr FinanceManager Transform Statement: split

CloudCheckr FinanceManager Transform Statement: terminate

CloudCheckr FinanceManager Transform Statement: time columns

CloudCheckr FinanceManager Transform Statement: timerender

CloudCheckr FinanceManager Transform Statement: timestamp

CloudCheckr FinanceManager Transform Statement: update service

CloudCheckr FinanceManager Transform Statement: uppercase

CloudCheckr FinanceManager Transform Statement: var

CloudCheckr FinanceManager Transform Statement: where

GUI Automation

Examples

Azure-AD

Auth0

Integrate

Reports in CloudCheckr FinanceManager

Workflows in CloudCheckr FinanceManager

Metadata in CloudCheckr FinanceManager

User Management in CloudCheckr FinanceManager

Users in CloudCheckr FinanceManager

Groups in CloudCheckr FinanceManager

Settings in CloudCheckr FinanceManager

Metadata

CloudCheckr Education and Certification

CloudCheckr Labs

All Categories > Documentation > CloudCheckr CMx > Configuration > Single Sign-On > Configure Single Sign-On in AWS for CloudCheckr CMx

Configure Single Sign-On in AWS for CloudCheckr CMx

In this topic, you will learn how to set up Single Sign-On (SSO) for your AWS account in CloudCheckr CMx by configuring:

AWS (the Identity Provider or IdP)
CloudCheckr CMx (the Service Provider or SP)

Prerequisite

You must be an enterprise customer to use IdP-initiated SSO.

Workflow

Create a support ticket in the CloudCheckr Service Desk Portal that indicates you need to set up SAML.
A CloudCheckr Support engineer will:
- walk you through how to generate SAML IdP metadata through your SSO provider
- validate that the authentication process is working in your environment successfully
  Although CloudCheckr will provision your users for the first-time logon, your organization must enable specific permissions and account access for your CloudCheckr CMx users. For more information, see the Access Management and Roles topics.

Log in to the AWS Management Console.
In the Find Services text field, type AWS SSO
From the Dashboard, click Applications.
Click Add a new application.

The AWS SSO Application Catalog opens.
Click Add a custom SAML 2.0 application.
In the Details section:
1. Type CloudCheckr CMx in the Display name field.
2. Type Cloud Management Platform In the Description field.
In the AWS SSO metadata section:

Click Download to download the AWS SSO SAML metadata file and send it to Support.

Under Session duration in the Application properties section, select Custom duration for and select 900 seconds.
In the Application metadata section:

Click the link, If you don't have a metadata file, you can manually type your metadata values.

Choose the Application ACS URL and Application SAML Audience that match the AWS region you use to access CloudCheckr:

Region	Application ACS URL	Application SAML Audience
US	https://auth-us.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-us.cloudcheckr.com/auth
EU	https://auth-eu.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-eu.cloudcheckr.com/auth
AU	https://auth-au.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-au.cloudcheckr.com/auth
GOV	https://auth-gov.cloudcheckr.com/auth/sso/saml2/Acs	https://auth-gov.cloudcheckr.com/auth

Type the values you just selected into the appropriate fields.
Click Save Changes.

Click Attribute Mappings.
Perform the following actions in this tab:
1. For the Subject User attribute, type ${user:email} and leave the format as emailAddress.
2. Click Add new attribute mapping.
3. For the name attribute, type${user:email} and leave the format as unspecified.
Click Assigned users.
Click Assign users to assign users you would like to access CloudCheckr CMx from your directory.
Once Support has added your metadata to your account, select CloudCheckr CMx from your AWS apps list to log in.

How did we do?

(opens in a new tab)

Configure Single Sign-On in AWS for CloudCheckr CMx

Prerequisite

Workflow

How did we do?

Related Articles Configure Single Sign-On for AWS in CloudCheckr Configure Single Sign-On for Google in CloudCheckr CMx Configure Single Sign-On for Okta in CloudCheckr CMx

Contact

Related Articles

Configure Single Sign-On for AWS in CloudCheckr

Configure Single Sign-On for Google in CloudCheckr CMx

Configure Single Sign-On for Okta in CloudCheckr CMx