diff --git a/openmetadata-docs/content/v1.4.x/deployment/security/saml/bare-metal.md b/openmetadata-docs/content/v1.4.x/deployment/security/saml/bare-metal.md new file mode 100644 index 00000000000..3414e434c5c --- /dev/null +++ b/openmetadata-docs/content/v1.4.x/deployment/security/saml/bare-metal.md @@ -0,0 +1,53 @@ +--- +title: SAML SSO for Bare Metal +slug: /deployment/security/saml/bare-metal +--- + +# SAML SSO for Bare Metal + +## Update conf/openmetadata.yaml + + +Follow this sections in this guide to set up Saml for almost any IDP. In Openmetadata the SAML configuration +are divided into the following three sections:- + +- Identity Provide (IDP) Configuration + +```yaml + idp: + entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"} + ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"} + idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""} + authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"} + nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"} +``` + +- Service Provider (SP) Configuration (SP is Openmetadata) + +```yaml + sp: + entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"} + acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"} + spX509Certificate: ${SAML_SP_CERTIFICATE:-""} + callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"} + +``` +- Security Config + +```yaml + security: + strictMode: ${SAML_STRICT_MODE:-false} + tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"} + sendEncryptedNameId: ${SAML_SEND_ENCRYPTED_NAME_ID:-false} + sendSignedAuthRequest: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false} + signSpMetadata: ${SAML_SIGNED_SP_METADATA:-false} + wantMessagesSigned: ${SAML_WANT_MESSAGE_SIGNED:-false} + wantAssertionsSigned: ${SAML_WANT_ASSERTION_SIGNED:-false} + wantAssertionEncrypted: ${SAML_WANT_ASSERTION_ENCRYPTED:-false} + wantNameIdEncrypted: ${SAML_WANT_NAME_ID_ENCRYPTED:-false} + keyStoreFilePath: ${SAML_KEYSTORE_FILE_PATH:-""} + keyStoreAlias: ${SAML_KEYSTORE_ALIAS:-""} + keyStorePassword: ${SAML_KEYSTORE_PASSWORD:-""} +``` + +{% partial file="/v1.4/deployment/configure-ingestion.md" /%} \ No newline at end of file diff --git a/openmetadata-docs/content/v1.4.x/deployment/security/saml/docker.md b/openmetadata-docs/content/v1.4.x/deployment/security/saml/docker.md new file mode 100644 index 00000000000..fdc17b77727 --- /dev/null +++ b/openmetadata-docs/content/v1.4.x/deployment/security/saml/docker.md @@ -0,0 +1,58 @@ +--- +title: SAML SSO for Docker +slug: /deployment/security/saml/docker +--- + +# Keycloak SSO for Docker + +To enable security for the Docker deployment, follow the next steps: + +## 1. Create an .env file + +Create an `openmetadata_saml.env` file and add the following contents as an example. Use the information +generated when setting up the account. + +The configuration below already uses the presets shown in the example of SAML configurations, you can change to yours. + +{% note %} + +If you are using an environment variable from an external file in our setup, and this environment variable is commented out in the `docker-compose` file, it will not be considered. To ensure it works, the commented section in the docker-compose file must be uncommented. + +{% /note %} + +```shell +# OpenMetadata Server IDP Configuration +SAML_IDP_ENTITY_ID=https://mocksaml.com/api/saml/sso +SAML_IDP_SSO_LOGIN_URL=https://saml.example.com/entityid +SAML_IDP_CERTIFICATE=/path/to/the/certificate +SAML_AUTHORITY_URL=http://localhost:8585/api/v1/saml/login +SAML_IDP_NAME_ID=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + +# OpenMetadata Server SP Configuration +SAML_SP_ENTITY_ID=http://localhost:8585/api/v1/saml/metadata +SAML_SP_ACS=http://localhost:8585/api/v1/saml/acs +SAML_SP_CERTIFICATE=/path/to/the/certificate +SAML_SP_CALLBACK=http://localhost:8585/saml/callback + +# OpenMetadata Server Security Configuration +SAML_STRICT_MODE=false +SAML_SP_TOKEN_VALIDITY=3600 +SAML_SEND_ENCRYPTED_NAME_ID=false +SAML_SEND_SIGNED_AUTH_REQUEST=false +SAML_SIGNED_SP_METADATA=false +SAML_WANT_MESSAGE_SIGNED=false +SAML_WANT_ASSERTION_SIGNED=false +SAML_WANT_ASSERTION_ENCRYPTED=false +SAML_WANT_NAME_ID_ENCRYPTED=false +SAML_KEYSTORE_FILE_PATH=/path/to/keystore.jks +SAML_KEYSTORE_ALIAS=myKeystoreAlias +SAML_KEYSTORE_PASSWORD=myKeystorePassword +``` + +## 2. Start Docker + +```commandline +docker compose --env-file ~/openmetadata_saml.env up -d +``` + +{% partial file="/v1.4/deployment/configure-ingestion.md" /%} diff --git a/openmetadata-docs/content/v1.4.x/deployment/security/saml/index.md b/openmetadata-docs/content/v1.4.x/deployment/security/saml/index.md index 0656c3ee577..ac72215e802 100644 --- a/openmetadata-docs/content/v1.4.x/deployment/security/saml/index.md +++ b/openmetadata-docs/content/v1.4.x/deployment/security/saml/index.md @@ -13,48 +13,6 @@ Security requirements for your **production** environment: {% /note %} -Follow this sections in this guide to set up Saml for almost any IDP. In Openmetadata the SAML configuration -are divided into the following three sections:- - -- Identity Provide (IDP) Configuration - -```yaml - idp: - entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"} - ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"} - idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""} - authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"} - nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"} -``` - -- Service Provider (SP) Configuration (SP is Openmetadata) - -```yaml - sp: - entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"} - acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"} - spX509Certificate: ${SAML_SP_CERTIFICATE:-""} - callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"} - -``` -- Security Config - -```yaml - security: - strictMode: ${SAML_STRICT_MODE:-false} - tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"} - sendEncryptedNameId: ${SAML_SEND_ENCRYPTED_NAME_ID:-false} - sendSignedAuthRequest: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false} - signSpMetadata: ${SAML_SIGNED_SP_METADATA:-false} - wantMessagesSigned: ${SAML_WANT_MESSAGE_SIGNED:-false} - wantAssertionsSigned: ${SAML_WANT_ASSERTION_SIGNED:-false} - wantAssertionEncrypted: ${SAML_WANT_ASSERTION_ENCRYPTED:-false} - wantNameIdEncrypted: ${SAML_WANT_NAME_ID_ENCRYPTED:-false} - keyStoreFilePath: ${SAML_KEYSTORE_FILE_PATH:-""} - keyStoreAlias: ${SAML_KEYSTORE_ALIAS:-""} - keyStorePassword: ${SAML_KEYSTORE_PASSWORD:-""} -``` - ## Configuring Identity Provider and Service Provider ### Identity Provide (IDP) Configuration @@ -122,6 +80,27 @@ More specific details on different IDPs can be found below: href="/deployment/security/saml/aws" %} Configure AWS as IDP. {% /inlineCallout %} + {% inlineCallout + color="violet-70" + icon="celebration" + bold="Bare Metal Security" + href="/deployment/security/saml/bare-metal" %} + Configure SAML SSO for your Bare Metal Deployment + {% /inlineCallout %} + {% inlineCallout + color="violet-70" + icon="celebration" + bold="Docker Security" + href="/deployment/security/saml/docker" %} + Configure SAML SSO for your Docker Deployment. + {% /inlineCallout %} + {% inlineCallout + color="violet-70" + icon="celebration" + bold="Kubernetes Security" + href="/deployment/security/saml/kubernetes" %} + Configure SAML SSO for your Kubernetes Deployment. + {% /inlineCallout %} {% /inlineCalloutContainer %} {% partial file="/v1.4/deployment/configure-ingestion.md" /%} diff --git a/openmetadata-docs/content/v1.4.x/deployment/security/saml/kubernetes.md b/openmetadata-docs/content/v1.4.x/deployment/security/saml/kubernetes.md new file mode 100644 index 00000000000..7af26f49187 --- /dev/null +++ b/openmetadata-docs/content/v1.4.x/deployment/security/saml/kubernetes.md @@ -0,0 +1,43 @@ +--- +title: SAML SSO for Kubernetes +slug: /deployment/security/saml/kubernetes +--- + +# SAML SSO for Kubernetes + +See the snippet below for an example of SAML configurations in the `values.yaml`. + +The configuration below already uses the presets shown in the example of saml configurations, you can change to yours. + +```yaml +openmetadata: + config: + idp: + entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"} + ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"} + idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""} + authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"} + nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"} + + sp: + entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"} + acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"} + spX509Certificate: ${SAML_SP_CERTIFICATE:-""} + callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"} + + security: + strictMode: ${SAML_STRICT_MODE:-false} + tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"} + sendEncryptedNameId: ${SAML_SEND_ENCRYPTED_NAME_ID:-false} + sendSignedAuthRequest: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false} + signSpMetadata: ${SAML_SIGNED_SP_METADATA:-false} + wantMessagesSigned: ${SAML_WANT_MESSAGE_SIGNED:-false} + wantAssertionsSigned: ${SAML_WANT_ASSERTION_SIGNED:-false} + wantAssertionEncrypted: ${SAML_WANT_ASSERTION_ENCRYPTED:-false} + wantNameIdEncrypted: ${SAML_WANT_NAME_ID_ENCRYPTED:-false} + keyStoreFilePath: ${SAML_KEYSTORE_FILE_PATH:-""} + keyStoreAlias: ${SAML_KEYSTORE_ALIAS:-""} + keyStorePassword: ${SAML_KEYSTORE_PASSWORD:-""} +``` + +{% partial file="/v1.4/deployment/configure-ingestion.md" /%} diff --git a/openmetadata-docs/content/v1.4.x/menu.md b/openmetadata-docs/content/v1.4.x/menu.md index ca9875fac02..c0e8adbcb20 100644 --- a/openmetadata-docs/content/v1.4.x/menu.md +++ b/openmetadata-docs/content/v1.4.x/menu.md @@ -138,6 +138,12 @@ site_menu: url: /deployment/security/keycloak/kubernetes - category: Deployment / Enable Security / Saml url: /deployment/security/saml + - category: Deployment / Enable Security / Saml / Docker + url: /deployment/security/saml/docker + - category: Deployment / Enable Security / Saml / Bare Metal + url: /deployment/security/saml/bare-metal + - category: Deployment / Enable Security / Saml / Kubernetes + url: /deployment/security/saml/kubernetes - category: Deployment / Enable Security / Saml / AWS url: /deployment/security/saml/aws - category: Deployment / Enable Security / Enable SSL diff --git a/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/bare-metal.md b/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/bare-metal.md new file mode 100644 index 00000000000..3414e434c5c --- /dev/null +++ b/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/bare-metal.md @@ -0,0 +1,53 @@ +--- +title: SAML SSO for Bare Metal +slug: /deployment/security/saml/bare-metal +--- + +# SAML SSO for Bare Metal + +## Update conf/openmetadata.yaml + + +Follow this sections in this guide to set up Saml for almost any IDP. In Openmetadata the SAML configuration +are divided into the following three sections:- + +- Identity Provide (IDP) Configuration + +```yaml + idp: + entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"} + ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"} + idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""} + authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"} + nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"} +``` + +- Service Provider (SP) Configuration (SP is Openmetadata) + +```yaml + sp: + entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"} + acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"} + spX509Certificate: ${SAML_SP_CERTIFICATE:-""} + callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"} + +``` +- Security Config + +```yaml + security: + strictMode: ${SAML_STRICT_MODE:-false} + tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"} + sendEncryptedNameId: ${SAML_SEND_ENCRYPTED_NAME_ID:-false} + sendSignedAuthRequest: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false} + signSpMetadata: ${SAML_SIGNED_SP_METADATA:-false} + wantMessagesSigned: ${SAML_WANT_MESSAGE_SIGNED:-false} + wantAssertionsSigned: ${SAML_WANT_ASSERTION_SIGNED:-false} + wantAssertionEncrypted: ${SAML_WANT_ASSERTION_ENCRYPTED:-false} + wantNameIdEncrypted: ${SAML_WANT_NAME_ID_ENCRYPTED:-false} + keyStoreFilePath: ${SAML_KEYSTORE_FILE_PATH:-""} + keyStoreAlias: ${SAML_KEYSTORE_ALIAS:-""} + keyStorePassword: ${SAML_KEYSTORE_PASSWORD:-""} +``` + +{% partial file="/v1.4/deployment/configure-ingestion.md" /%} \ No newline at end of file diff --git a/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/docker.md b/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/docker.md new file mode 100644 index 00000000000..fdc17b77727 --- /dev/null +++ b/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/docker.md @@ -0,0 +1,58 @@ +--- +title: SAML SSO for Docker +slug: /deployment/security/saml/docker +--- + +# Keycloak SSO for Docker + +To enable security for the Docker deployment, follow the next steps: + +## 1. Create an .env file + +Create an `openmetadata_saml.env` file and add the following contents as an example. Use the information +generated when setting up the account. + +The configuration below already uses the presets shown in the example of SAML configurations, you can change to yours. + +{% note %} + +If you are using an environment variable from an external file in our setup, and this environment variable is commented out in the `docker-compose` file, it will not be considered. To ensure it works, the commented section in the docker-compose file must be uncommented. + +{% /note %} + +```shell +# OpenMetadata Server IDP Configuration +SAML_IDP_ENTITY_ID=https://mocksaml.com/api/saml/sso +SAML_IDP_SSO_LOGIN_URL=https://saml.example.com/entityid +SAML_IDP_CERTIFICATE=/path/to/the/certificate +SAML_AUTHORITY_URL=http://localhost:8585/api/v1/saml/login +SAML_IDP_NAME_ID=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + +# OpenMetadata Server SP Configuration +SAML_SP_ENTITY_ID=http://localhost:8585/api/v1/saml/metadata +SAML_SP_ACS=http://localhost:8585/api/v1/saml/acs +SAML_SP_CERTIFICATE=/path/to/the/certificate +SAML_SP_CALLBACK=http://localhost:8585/saml/callback + +# OpenMetadata Server Security Configuration +SAML_STRICT_MODE=false +SAML_SP_TOKEN_VALIDITY=3600 +SAML_SEND_ENCRYPTED_NAME_ID=false +SAML_SEND_SIGNED_AUTH_REQUEST=false +SAML_SIGNED_SP_METADATA=false +SAML_WANT_MESSAGE_SIGNED=false +SAML_WANT_ASSERTION_SIGNED=false +SAML_WANT_ASSERTION_ENCRYPTED=false +SAML_WANT_NAME_ID_ENCRYPTED=false +SAML_KEYSTORE_FILE_PATH=/path/to/keystore.jks +SAML_KEYSTORE_ALIAS=myKeystoreAlias +SAML_KEYSTORE_PASSWORD=myKeystorePassword +``` + +## 2. Start Docker + +```commandline +docker compose --env-file ~/openmetadata_saml.env up -d +``` + +{% partial file="/v1.4/deployment/configure-ingestion.md" /%} diff --git a/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/index.md b/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/index.md index e96cd4f92d6..6a9738dfb56 100644 --- a/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/index.md +++ b/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/index.md @@ -13,48 +13,6 @@ Security requirements for your **production** environment: {% /note %} -Follow this sections in this guide to set up Saml for almost any IDP. In Openmetadata the SAML configuration -are divided into the following three sections:- - -- Identity Provide (IDP) Configuration - -```yaml - idp: - entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"} - ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"} - idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""} - authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"} - nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"} -``` - -- Service Provider (SP) Configuration (SP is Openmetadata) - -```yaml - sp: - entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"} - acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"} - spX509Certificate: ${SAML_SP_CERTIFICATE:-""} - callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"} - -``` -- Security Config - -```yaml - security: - strictMode: ${SAML_STRICT_MODE:-false} - tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"} - sendEncryptedNameId: ${SAML_SEND_ENCRYPTED_NAME_ID:-false} - sendSignedAuthRequest: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false} - signSpMetadata: ${SAML_SIGNED_SP_METADATA:-false} - wantMessagesSigned: ${SAML_WANT_MESSAGE_SIGNED:-false} - wantAssertionsSigned: ${SAML_WANT_ASSERTION_SIGNED:-false} - wantAssertionEncrypted: ${SAML_WANT_ASSERTION_ENCRYPTED:-false} - wantNameIdEncrypted: ${SAML_WANT_NAME_ID_ENCRYPTED:-false} - keyStoreFilePath: ${SAML_KEYSTORE_FILE_PATH:-""} - keyStoreAlias: ${SAML_KEYSTORE_ALIAS:-""} - keyStorePassword: ${SAML_KEYSTORE_PASSWORD:-""} -``` - ## Configuring Identity Provider and Service Provider ### Identity Provide (IDP) Configuration diff --git a/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/kubernetes.md b/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/kubernetes.md new file mode 100644 index 00000000000..7af26f49187 --- /dev/null +++ b/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/saml/kubernetes.md @@ -0,0 +1,43 @@ +--- +title: SAML SSO for Kubernetes +slug: /deployment/security/saml/kubernetes +--- + +# SAML SSO for Kubernetes + +See the snippet below for an example of SAML configurations in the `values.yaml`. + +The configuration below already uses the presets shown in the example of saml configurations, you can change to yours. + +```yaml +openmetadata: + config: + idp: + entityId: ${SAML_IDP_ENTITY_ID:-"https://mocksaml.com/api/saml/sso"} + ssoLoginUrl: ${SAML_IDP_SSO_LOGIN_URL:-"https://saml.example.com/entityid"} + idpX509Certificate: ${SAML_IDP_CERTIFICATE:-""} + authorityUrl: ${SAML_AUTHORITY_URL:-"http://localhost:8585/api/v1/saml/login"} + nameId: ${SAML_IDP_NAME_ID:-"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"} + + sp: + entityId: ${SAML_SP_ENTITY_ID:-"http://localhost:8585/api/v1/saml/metadata"} + acs: ${SAML_SP_ACS:-"http://localhost:8585/api/v1/saml/acs"} + spX509Certificate: ${SAML_SP_CERTIFICATE:-""} + callback: ${SAML_SP_CALLBACK:-"http://localhost:8585/saml/callback"} + + security: + strictMode: ${SAML_STRICT_MODE:-false} + tokenValidity: ${SAML_SP_TOKEN_VALIDITY:-"3600"} + sendEncryptedNameId: ${SAML_SEND_ENCRYPTED_NAME_ID:-false} + sendSignedAuthRequest: ${SAML_SEND_SIGNED_AUTH_REQUEST:-false} + signSpMetadata: ${SAML_SIGNED_SP_METADATA:-false} + wantMessagesSigned: ${SAML_WANT_MESSAGE_SIGNED:-false} + wantAssertionsSigned: ${SAML_WANT_ASSERTION_SIGNED:-false} + wantAssertionEncrypted: ${SAML_WANT_ASSERTION_ENCRYPTED:-false} + wantNameIdEncrypted: ${SAML_WANT_NAME_ID_ENCRYPTED:-false} + keyStoreFilePath: ${SAML_KEYSTORE_FILE_PATH:-""} + keyStoreAlias: ${SAML_KEYSTORE_ALIAS:-""} + keyStorePassword: ${SAML_KEYSTORE_PASSWORD:-""} +``` + +{% partial file="/v1.4/deployment/configure-ingestion.md" /%} diff --git a/openmetadata-docs/content/v1.5.x-SNAPSHOT/menu.md b/openmetadata-docs/content/v1.5.x-SNAPSHOT/menu.md index e49b8cd0f16..fc5d006c5cc 100644 --- a/openmetadata-docs/content/v1.5.x-SNAPSHOT/menu.md +++ b/openmetadata-docs/content/v1.5.x-SNAPSHOT/menu.md @@ -141,6 +141,12 @@ site_menu: url: /deployment/security/saml - category: Deployment / Enable Security / Saml / AWS url: /deployment/security/saml/aws + - category: Deployment / Enable Security / Saml / Docker + url: /deployment/security/saml/docker + - category: Deployment / Enable Security / Saml / Bare Metal + url: /deployment/security/saml/bare-metal + - category: Deployment / Enable Security / Saml / Kubernetes + url: /deployment/security/saml/kubernetes - category: Deployment / Enable Security / Enable SSL url: /deployment/security/enable-ssl - category: Deployment / Enable Security / Enable SSL / Use Nginx