SSO Docker - changed to Bash from YAML (#6611)

openmetadata-docs/content/deployment/security/amazon-cognito-sso/docker.md

@@ -9,7 +9,7 @@ To enable security for the Docker deployment, follow the next steps:
 
 ## 1. Create an .env file
 
-Create an `openmetadata.env` file and add the following contents as an example. Use the information
+Create an `openmetadata_cognito.env` file and add the following contents as an example. Use the information
 generated when setting up the account in the previous steps.
 
 ```bash
@@ -21,9 +21,9 @@ AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
 AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=aws-cognito
-AUTHENTICATION_PUBLIC_KEYS=[https://cognito-idp.us-west-1.amazonaws.com/{User Pool ID}/.well-known/jwks.json]
-AUTHENTICATION_AUTHORITY=https://cognito-idp.us-west-1.amazonaws.com/{User Pool ID}
-AUTHENTICATION_CLIENT_ID={Client ID}
+AUTHENTICATION_PUBLIC_KEYS=[{Cognito Domain}/{User Pool ID}/.well-known/jwks.json] # Update with your Cognito Domain and User Pool ID
+AUTHENTICATION_AUTHORITY={Cognito Domain}/{User Pool ID} # Update with your Cognito Domain and User Pool ID as follows - https://cognito-idp.us-west-1.amazonaws.com/us-west-1_DL8xfTzj8
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
 AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration

openmetadata-docs/content/deployment/security/auth0/docker.md

@@ -12,26 +12,25 @@ To enable security for the Docker deployment, follow the next steps:
 Create an `openmetadata_auth0.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: auth0
-AUTHENTICATION_PUBLIC_KEYS:
-  - "https://parth-panchal.us.auth0.com/.well-known/jwks.json"
-AUTHENTICATION_AUTHORITY: "https://parth-panchal.us.auth0.com/"
-AUTHENTICATION_CLIENT_ID: Client ID
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=auth0
+AUTHENTICATION_PUBLIC_KEYS=[{Domain}/.well-known/jwks.json] # Update with your Domain
+AUTHENTICATION_AUTHORITY={Domain} # Update with your Domain
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: auth0
-OM_AUTH_AIRFLOW_AUTH0_CLIENT_ID: Client ID
-OM_AUTH_AIRFLOW_AUTH0_CLIENT_SECRET: Client Secret
-OM_AUTH_AIRFLOW_AUTH0_DOMAIN_URL: Domain
+AIRFLOW_AUTH_PROVIDER=auth0
+OM_AUTH_AIRFLOW_AUTH0_CLIENT_ID={Client ID} # Update with your Client ID
+OM_AUTH_AIRFLOW_AUTH0_CLIENT_SECRET={Client Secret} # Update with your Client Secret
+OM_AUTH_AIRFLOW_AUTH0_DOMAIN_URL={Domain} # Update with your Domain
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/azure/docker.md

@@ -12,29 +12,26 @@ To enable security for the Docker deployment, follow the next steps:
 Create an `openmetadata_azure.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: azure
-AUTHENTICATION_PUBLIC_KEYS:
-  - "https://login.microsoftonline.com/common/discovery/keys"
-AUTHENTICATION_AUTHORITY: "https://login.microsoftonline.com/{Tenant ID}"
-AUTHENTICATION_CLIENT_ID: Client ID
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=azure
+AUTHENTICATION_PUBLIC_KEYS=[https://login.microsoftonline.com/common/discovery/keys]
+AUTHENTICATION_AUTHORITY=https://login.microsoftonline.com/{Tenant ID} # Update with your Tenant ID
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: azure
-OM_AUTH_AIRFLOW_AZURE_CLIENT_SECRET: Client Secret
-OM_AUTH_AIRFLOW_AZURE_AUTHORITY_URL: "https://login.microsoftonline.com/{Tenant ID}"
-OM_AUTH_AIRFLOW_AZURE_SCOPES:
-  - scope 1
-  - scope 2
-OM_AUTH_AIRFLOW_AZURE_CLIENT_ID: Client Id
+AIRFLOW_AUTH_PROVIDER=azure
+OM_AUTH_AIRFLOW_AZURE_CLIENT_SECRET={Client Secret} # Update with your Client Secret
+OM_AUTH_AIRFLOW_AZURE_AUTHORITY_URL=https://login.microsoftonline.com/{Tenant ID} # Update with your Tenant ID
+OM_AUTH_AIRFLOW_AZURE_SCOPES=[{scopes}] # Update with your Scopes
+OM_AUTH_AIRFLOW_AZURE_CLIENT_ID={Client Id} # Update with your Client ID
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/custom-oidc/docker.md

@@ -9,32 +9,31 @@ To enable security for the Docker deployment, follow the next steps:
 
 ## 1. Create an .env file
 
-Create an `openmetadata_azure.env` file and add the following contents as an example. Use the information
+Create an `openmetadata_oidc.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: custom-oidc
-CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME: KeyCloak
-AUTHENTICATION_PUBLIC_KEYS:
-  - "http://localhost:8080/realms/myrealm/protocol/openid-connect/certs"
-AUTHENTICATION_AUTHORITY: "http://localhost:8080/realms/myrealm"
-AUTHENTICATION_CLIENT_ID: Client ID
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=custom-oidc
+CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME=KeyCloak
+AUTHENTICATION_PUBLIC_KEYS=[{http://localhost:8080/realms/myrealm/protocol/openid-connect/certs}]
+AUTHENTICATION_AUTHORITY={http://localhost:8080/realms/myrealm}
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: custom-oidc
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID: Client Id
+AIRFLOW_AUTH_PROVIDER=custom-oidc
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID={Client Id} # Update with your Client ID
 # Make sure to add the path where the file is saved in the Airflow Volume
 # It needs to be reachable locally by the container
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY_PATH: Secret Key Path
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL: endpoint
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY_PATH={Secret Key Path} # Update with your Secret Key Path
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL={endpoint} 
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/google/docker.md

@@ -9,7 +9,7 @@ To enable security for the Docker deployment, follow the next steps:
 
 ## 1. Create an .env file
 
-Create an `openmetadata.env` file and add the following contents as an example. Use the information
+Create an `openmetadata_google.env` file and add the following contents as an example. Use the information
 generated when setting up the account in the previous steps.
 
 ```bash

openmetadata-docs/content/deployment/security/index.md

@@ -7,10 +7,9 @@ slug: /deployment/security
 
 This section provides detailed instructions to secure the REST endpoints of the OpenMetadata Server.
 
-OpenMetadata has support for Google SSO, Okta SSO, custom OIDC, Auth0, and Azure SSO as identity providers. Please see
-the next sections about how to configure them.
+OpenMetadata has support for Google SSO, Okta SSO, custom OIDC, Auth0, Azure SSO, Amazon Cognito, and OneLogin as identity providers. Please see the next sections about how to configure them.
 
-Enabling Security is only required for your **Production** installation. If you are testing OpenMetadata it will be easier 
+Enabling Security is only required for your **Production** installation. If you are testing OpenMetadata, it will be easier 
 and faster to set up without security. To get up and running quickly with OpenMetadata (without security), 
 please follow the [Quickstart](/quick-start/local-deployment) guide.
 
@@ -61,14 +60,14 @@ please follow the [Quickstart](/quick-start/local-deployment) guide.
     icon="add_moderator"
     href="/deployment/security/amazon-cognito"
   >
-    Configure Okta SSO to access the UI and APIs
+    Configure Amazon Cognito SSO to access the UI and APIs
   </InlineCallout>
   <InlineCallout
     color="violet-70"
-    bold="One Login SSO"
+    bold="OneLogin SSO"
     icon="add_moderator"
     href="/deployment/security/one-login"
   >
-    Configure One Login SSO to access the UI and APIs
+    Configure OneLogin SSO to access the UI and APIs
   </InlineCallout>
 </InlineCalloutContainer>

openmetadata-docs/content/deployment/security/okta/docker.md

@@ -9,31 +9,30 @@ To enable security for the Docker deployment, follow the next steps:
 
 ## 1. Create an .env file
 
-Create an `openmetadata_azure.env` file and add the following contents as an example. Use the information
+Create an `openmetadata_okta.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: okta
-AUTHENTICATION_PUBLIC_KEYS:
-  - "{ISSUER_URL}/v1/keys"
-AUTHENTICATION_AUTHORITY: "{ISSUER_URL}"
-AUTHENTICATION_CLIENT_ID: "{CLIENT_ID - SPA APP}"
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=okta
+AUTHENTICATION_PUBLIC_KEYS={ISSUER_URL}/v1/keys # Update with your Issuer URL
+AUTHENTICATION_AUTHORITY={ISSUER_URL} # Update with your Issuer URL
+AUTHENTICATION_CLIENT_ID={CLIENT_ID - SPA APP} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: okta
-OM_AUTH_AIRFLOW_OKTA_CLIENT_ID: ${OM_AUTH_AIRFLOW_OKTA_CLIENT_ID:-""}
-OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL: ${OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL:-""}
-OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY: ${OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY:-""}
-OM_AUTH_AIRFLOW_OKTA_SA_EMAIL: ${OM_AUTH_AIRFLOW_OKTA_SA_EMAIL:-""}
-OM_AUTH_AIRFLOW_OKTA_SCOPES: ${OM_AUTH_AIRFLOW_OKTA_SCOPES:-[]}
+AIRFLOW_AUTH_PROVIDER=okta
+OM_AUTH_AIRFLOW_OKTA_CLIENT_ID={OM_AUTH_AIRFLOW_OKTA_CLIENT_ID:-""}
+OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL={OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL:-""}
+OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY={OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY:-""}
+OM_AUTH_AIRFLOW_OKTA_SA_EMAIL={OM_AUTH_AIRFLOW_OKTA_SA_EMAIL:-""}
+OM_AUTH_AIRFLOW_OKTA_SCOPES={OM_AUTH_AIRFLOW_OKTA_SCOPES:-[]}
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/one-login/bare-metal.md

@@ -1,22 +1,22 @@
 ---
-title: One Login SSO for Bare Metal
+title: OneLogin SSO for Bare Metal
 slug: /deployment/security/one-login/bare-metal
 ---
 
-# One Login SSO for Bare Metal
+# OneLogin SSO for Bare Metal
 
 ## Update conf/openmetadata.yaml
 
 Once the `Client Id` and `Client Secret` are generated add the `Client Id` in `openmetadata.yaml` file in `client_id` field.
 
 Update the providerName config to the name you want to display in the `Sign In` button in the UI. 
-For example, with the following configuration with `providerName` set to `One Login`, the users will see `Sign In with One Login SSO` 
+For example, with the following configuration with `providerName` set to `OneLogin`, the users will see `Sign In with OneLogin SSO` 
 in the `Sign In` page of the OpenMetadata UI.
 
 ```yaml
 authenticationConfiguration:
   provider: "custom-oidc"
-  providerName: "One Login"
+  providerName: "OneLogin"
   publicKeyUrls: 
     - "{IssuerUrl}/certs"
   authority: "{IssuerUrl}"

openmetadata-docs/content/deployment/security/one-login/docker.md

@@ -12,28 +12,27 @@ To enable security for the Docker deployment, follow the next steps:
 Create an `openmetadata_onelogin.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: custom-oidc
-AUTHENTICATION_PUBLIC_KEYS:
-  - {public key url}
-AUTHENTICATION_AUTHORITY: {issuer url}
-AUTHENTICATION_CLIENT_ID: {Client ID}
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=custom-oidc
+AUTHENTICATION_PUBLIC_KEYS={public key url} # Update with your Public Key URL
+AUTHENTICATION_AUTHORITY={issuer url} # Update with your Issuer URL
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: custom-oidc
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID: Client Id
+AIRFLOW_AUTH_PROVIDER=custom-oidc
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID=Client Id # Update with your Client ID
 # Make sure to add the path where the file is saved in the Airflow Volume
 # It needs to be reachable locally by the container
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY_PATH: Secret Key Path
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL: endpoint
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY_PATH=Secret Key Path # Update with your Secret Key Path
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL=endpoint
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/one-login/index.md

@@ -1,11 +1,11 @@
 ---
-title: One Login SSO
+title: OneLogin SSO
 slug: /deployment/security/one-login
 ---
 
-# One Login SSO
+# OneLogin SSO
 
-Follow the sections in this guide to set up One Login SSO.
+Follow the sections in this guide to set up OneLogin SSO.
 
 <Collapse title="Create Server Credentials">
 
@@ -65,7 +65,7 @@ After the applying these steps, you can update the configuration of your deploym
     bold="Docker Security"
     href="/deployment/security/one-login/docker"
   >
-    Configure One Login SSO for your Docker Deployment.
+    Configure OneLogin SSO for your Docker Deployment.
   </InlineCallout>
   <InlineCallout
     color="violet-70"
@@ -73,7 +73,7 @@ After the applying these steps, you can update the configuration of your deploym
     bold="Bare Metal Security"
     href="/deployment/security/one-login/bare-metal"
   >
-    Configure One Login SSO for your Bare Metal Deployment.
+    Configure OneLogin SSO for your Bare Metal Deployment.
   </InlineCallout>
   <InlineCallout
     color="violet-70"
@@ -81,7 +81,7 @@ After the applying these steps, you can update the configuration of your deploym
     bold="Kubernetes Security"
     href="/deployment/security/one-login/kubernetes"
   >
-    Configure One Login SSO for your Kubernetes Deployment.
+    Configure OneLogin SSO for your Kubernetes Deployment.
   </InlineCallout>
 </InlineCalloutContainer>
 

openmetadata-docs/content/deployment/security/one-login/kubernetes.md

@@ -1,5 +1,5 @@
 ---
-title: One Login SSO for Kubernetes
+title: OneLogin SSO for Kubernetes
 slug: /deployment/security/one-login/kubernetes
 ---