SSO Docker - changed to Bash from YAML (#6611)

openmetadata-docs/content/deployment/security/amazon-cognito-sso/docker.md

@@ -9,7 +9,7 @@ To enable security for the Docker deployment, follow the next steps:
 
 ## 1. Create an .env file
 
-Create an `openmetadata.env` file and add the following contents as an example. Use the information
+Create an `openmetadata_cognito.env` file and add the following contents as an example. Use the information
 generated when setting up the account in the previous steps.
 
 ```bash
@@ -21,9 +21,9 @@ AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
 AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
 AUTHENTICATION_PROVIDER=aws-cognito
-AUTHENTICATION_PUBLIC_KEYS=[https://cognito-idp.us-west-1.amazonaws.com/{User Pool ID}/.well-known/jwks.json]
-AUTHENTICATION_AUTHORITY=https://cognito-idp.us-west-1.amazonaws.com/{User Pool ID}
-AUTHENTICATION_CLIENT_ID={Client ID}
+AUTHENTICATION_PUBLIC_KEYS=[{Cognito Domain}/{User Pool ID}/.well-known/jwks.json] # Update with your Cognito Domain and User Pool ID
+AUTHENTICATION_AUTHORITY={Cognito Domain}/{User Pool ID} # Update with your Cognito Domain and User Pool ID as follows - https://cognito-idp.us-west-1.amazonaws.com/us-west-1_DL8xfTzj8
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
 AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration

openmetadata-docs/content/deployment/security/auth0/docker.md

@@ -12,26 +12,25 @@ To enable security for the Docker deployment, follow the next steps:
 Create an `openmetadata_auth0.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: auth0
-AUTHENTICATION_PUBLIC_KEYS:
-  - "https://parth-panchal.us.auth0.com/.well-known/jwks.json"
-AUTHENTICATION_AUTHORITY: "https://parth-panchal.us.auth0.com/"
-AUTHENTICATION_CLIENT_ID: Client ID
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=auth0
+AUTHENTICATION_PUBLIC_KEYS=[{Domain}/.well-known/jwks.json] # Update with your Domain
+AUTHENTICATION_AUTHORITY={Domain} # Update with your Domain
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: auth0
-OM_AUTH_AIRFLOW_AUTH0_CLIENT_ID: Client ID
-OM_AUTH_AIRFLOW_AUTH0_CLIENT_SECRET: Client Secret
-OM_AUTH_AIRFLOW_AUTH0_DOMAIN_URL: Domain
+AIRFLOW_AUTH_PROVIDER=auth0
+OM_AUTH_AIRFLOW_AUTH0_CLIENT_ID={Client ID} # Update with your Client ID
+OM_AUTH_AIRFLOW_AUTH0_CLIENT_SECRET={Client Secret} # Update with your Client Secret
+OM_AUTH_AIRFLOW_AUTH0_DOMAIN_URL={Domain} # Update with your Domain
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/azure/docker.md

@@ -12,29 +12,26 @@ To enable security for the Docker deployment, follow the next steps:
 Create an `openmetadata_azure.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: azure
-AUTHENTICATION_PUBLIC_KEYS:
-  - "https://login.microsoftonline.com/common/discovery/keys"
-AUTHENTICATION_AUTHORITY: "https://login.microsoftonline.com/{Tenant ID}"
-AUTHENTICATION_CLIENT_ID: Client ID
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=azure
+AUTHENTICATION_PUBLIC_KEYS=[https://login.microsoftonline.com/common/discovery/keys]
+AUTHENTICATION_AUTHORITY=https://login.microsoftonline.com/{Tenant ID} # Update with your Tenant ID
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: azure
-OM_AUTH_AIRFLOW_AZURE_CLIENT_SECRET: Client Secret
-OM_AUTH_AIRFLOW_AZURE_AUTHORITY_URL: "https://login.microsoftonline.com/{Tenant ID}"
-OM_AUTH_AIRFLOW_AZURE_SCOPES:
-  - scope 1
-  - scope 2
-OM_AUTH_AIRFLOW_AZURE_CLIENT_ID: Client Id
+AIRFLOW_AUTH_PROVIDER=azure
+OM_AUTH_AIRFLOW_AZURE_CLIENT_SECRET={Client Secret} # Update with your Client Secret
+OM_AUTH_AIRFLOW_AZURE_AUTHORITY_URL=https://login.microsoftonline.com/{Tenant ID} # Update with your Tenant ID
+OM_AUTH_AIRFLOW_AZURE_SCOPES=[{scopes}] # Update with your Scopes
+OM_AUTH_AIRFLOW_AZURE_CLIENT_ID={Client Id} # Update with your Client ID
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/custom-oidc/docker.md

@@ -9,32 +9,31 @@ To enable security for the Docker deployment, follow the next steps:
 
 ## 1. Create an .env file
 
-Create an `openmetadata_azure.env` file and add the following contents as an example. Use the information
+Create an `openmetadata_oidc.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: custom-oidc
-CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME: KeyCloak
-AUTHENTICATION_PUBLIC_KEYS:
-  - "http://localhost:8080/realms/myrealm/protocol/openid-connect/certs"
-AUTHENTICATION_AUTHORITY: "http://localhost:8080/realms/myrealm"
-AUTHENTICATION_CLIENT_ID: Client ID
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=custom-oidc
+CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME=KeyCloak
+AUTHENTICATION_PUBLIC_KEYS=[{http://localhost:8080/realms/myrealm/protocol/openid-connect/certs}]
+AUTHENTICATION_AUTHORITY={http://localhost:8080/realms/myrealm}
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: custom-oidc
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID: Client Id
+AIRFLOW_AUTH_PROVIDER=custom-oidc
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID={Client Id} # Update with your Client ID
 # Make sure to add the path where the file is saved in the Airflow Volume
 # It needs to be reachable locally by the container
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY_PATH: Secret Key Path
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL: endpoint
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY_PATH={Secret Key Path} # Update with your Secret Key Path
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL={endpoint} 
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/google/docker.md

@@ -9,7 +9,7 @@ To enable security for the Docker deployment, follow the next steps:
 
 ## 1. Create an .env file
 
-Create an `openmetadata.env` file and add the following contents as an example. Use the information
+Create an `openmetadata_google.env` file and add the following contents as an example. Use the information
 generated when setting up the account in the previous steps.
 
 ```bash

openmetadata-docs/content/deployment/security/index.md

@@ -7,10 +7,9 @@ slug: /deployment/security
 
 This section provides detailed instructions to secure the REST endpoints of the OpenMetadata Server.
 
-OpenMetadata has support for Google SSO, Okta SSO, custom OIDC, Auth0, and Azure SSO as identity providers. Please see
-the next sections about how to configure them.
+OpenMetadata has support for Google SSO, Okta SSO, custom OIDC, Auth0, Azure SSO, Amazon Cognito, and OneLogin as identity providers. Please see the next sections about how to configure them.
 
-Enabling Security is only required for your **Production** installation. If you are testing OpenMetadata it will be easier 
+Enabling Security is only required for your **Production** installation. If you are testing OpenMetadata, it will be easier 
 and faster to set up without security. To get up and running quickly with OpenMetadata (without security), 
 please follow the [Quickstart](/quick-start/local-deployment) guide.
 
@@ -61,7 +60,7 @@ please follow the [Quickstart](/quick-start/local-deployment) guide.
     icon="add_moderator"
     href="/deployment/security/amazon-cognito"
   >
-    Configure Okta SSO to access the UI and APIs
+    Configure Amazon Cognito SSO to access the UI and APIs
   </InlineCallout>
   <InlineCallout
     color="violet-70"

openmetadata-docs/content/deployment/security/okta/docker.md

@@ -9,31 +9,30 @@ To enable security for the Docker deployment, follow the next steps:
 
 ## 1. Create an .env file
 
-Create an `openmetadata_azure.env` file and add the following contents as an example. Use the information
+Create an `openmetadata_okta.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: okta
-AUTHENTICATION_PUBLIC_KEYS:
-  - "{ISSUER_URL}/v1/keys"
-AUTHENTICATION_AUTHORITY: "{ISSUER_URL}"
-AUTHENTICATION_CLIENT_ID: "{CLIENT_ID - SPA APP}"
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=okta
+AUTHENTICATION_PUBLIC_KEYS={ISSUER_URL}/v1/keys # Update with your Issuer URL
+AUTHENTICATION_AUTHORITY={ISSUER_URL} # Update with your Issuer URL
+AUTHENTICATION_CLIENT_ID={CLIENT_ID - SPA APP} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: okta
-OM_AUTH_AIRFLOW_OKTA_CLIENT_ID: ${OM_AUTH_AIRFLOW_OKTA_CLIENT_ID:-""}
-OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL: ${OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL:-""}
-OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY: ${OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY:-""}
-OM_AUTH_AIRFLOW_OKTA_SA_EMAIL: ${OM_AUTH_AIRFLOW_OKTA_SA_EMAIL:-""}
-OM_AUTH_AIRFLOW_OKTA_SCOPES: ${OM_AUTH_AIRFLOW_OKTA_SCOPES:-[]}
+AIRFLOW_AUTH_PROVIDER=okta
+OM_AUTH_AIRFLOW_OKTA_CLIENT_ID={OM_AUTH_AIRFLOW_OKTA_CLIENT_ID:-""}
+OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL={OM_AUTH_AIRFLOW_OKTA_ORGANIZATION_URL:-""}
+OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY={OM_AUTH_AIRFLOW_OKTA_PRIVATE_KEY:-""}
+OM_AUTH_AIRFLOW_OKTA_SA_EMAIL={OM_AUTH_AIRFLOW_OKTA_SA_EMAIL:-""}
+OM_AUTH_AIRFLOW_OKTA_SCOPES={OM_AUTH_AIRFLOW_OKTA_SCOPES:-[]}
 ```
 
 ## 2. Start Docker

openmetadata-docs/content/deployment/security/one-login/docker.md

@@ -12,28 +12,27 @@ To enable security for the Docker deployment, follow the next steps:
 Create an `openmetadata_onelogin.env` file and add the following contents as an example. Use the information
 generated when setting up the account.
 
-```yaml
+```shell
 # OpenMetadata Server Authentication Configuration
-AUTHORIZER_CLASS_NAME: org.openmetadata.catalog.security.DefaultAuthorizer
-AUTHORIZER_REQUEST_FILTER: org.openmetadata.catalog.security.JwtFilter
-AUTHORIZER_ADMIN_PRINCIPALS: [ admin ]  # Your `name` from name@domain.com
-AUTHORIZER_INGESTION_PRINCIPALS: [ ingestion-bot ]
-AUTHORIZER_PRINCIPAL_DOMAIN: open-metadata.org
+AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+AUTHORIZER_ADMIN_PRINCIPALS=[admin]  # Your `name` from name@domain.com
+AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
+AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org # Update with your domain
 
-AUTHENTICATION_PROVIDER: custom-oidc
-AUTHENTICATION_PUBLIC_KEYS:
-  - {public key url}
-AUTHENTICATION_AUTHORITY: {issuer url}
-AUTHENTICATION_CLIENT_ID: {Client ID}
-AUTHENTICATION_CALLBACK_URL: http://localhost:8585/callback
+AUTHENTICATION_PROVIDER=custom-oidc
+AUTHENTICATION_PUBLIC_KEYS={public key url} # Update with your Public Key URL
+AUTHENTICATION_AUTHORITY={issuer url} # Update with your Issuer URL
+AUTHENTICATION_CLIENT_ID={Client ID} # Update with your Client ID
+AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
 
 # Airflow Configuration
-AIRFLOW_AUTH_PROVIDER: custom-oidc
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID: Client Id
+AIRFLOW_AUTH_PROVIDER=custom-oidc
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_CLIENT_ID=Client Id # Update with your Client ID
 # Make sure to add the path where the file is saved in the Airflow Volume
 # It needs to be reachable locally by the container
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY_PATH: Secret Key Path
-OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL: endpoint
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_SECRET_KEY_PATH=Secret Key Path # Update with your Secret Key Path
+OM_AUTH_AIRFLOW_CUSTOM_OIDC_TOKEN_ENDPOINT_URL=endpoint
 ```
 
 ## 2. Start Docker