Provisioning Users from AWS accounts (Customer manages AWS - business mail service)

  • 2 August 2023
  • 3 replies

Badge +11

Provisioning Users from AWS accounts (Customer manages AWS Amazon WorkMail, for their mail accounts - business mail service).

Hello, good afternoon, how are you doing? As always, thanks for your cooperation and support.

I have a question: a customer X has a mail service on AWS, no Azure AD, no local AD, no Google Apps.

So he only has, for his mail accounts, AWS - Mail Account - Enterprise Service.

Is Netskope compatible? For the moment I have not seen any document. Do you know if Netskope is compatible, to provision final users, users to Tenant, by SCIM, LDAP or IDP, against AWS, in order to provision users and groups?

Does anyone have any information, data or details regarding this scope of Netskope?

Thanks, I remain attentive.

Best regards


3 replies

Badge +11

Hi, sorry I tagged you. I hope you don't mind and you can help me with what I comment in the post.
Thank you very much in advance for your time, collaboration and good vibes.
Greetings

@mjrgg @sartioli @borisgekhtman @sshiflett @jsalmeron @MM_NS

Badge +11

Hello, I hope you are very well. Sorry for tagging you. Please help me to solve this doubt, thanks for your time, good vibes, collaboration and comments.

@mjrgg @sartioli @borisgekhtman @sshiflett @jsalmeron @MM_NS @msouza

Badge +13

Hi, I haven't tried this with AWS myself, but based on my experience here are some pointers:

- Is this a SCIM 2.0 compliant setup?
- This setup requires that UPN must match Username (see below)
- There are a few mandatory key-value pairs that must be passed to NS.

I can name a few must-have values here.

User: Username and Email address (and UPN must match Username)

(FN, LN and Group are optional)

Group: Group Name and Group Members.

Also, if you can check the Azure AD and Okta Netskope SCIM integrated docs on their respective sites, that will give you even more insights into what is required to get this working.

Here is one I frequently refer to.

https://docs.netskope.com/en/netskope-help/integrations-439794/provisioning-and-authentication/netskope-client-idp-mode-with-azure-scim-and-azure-ad-or-adfs-saml-auth/configure-azure-scim-integration-to-onboard-users-to-netskope/

Would like to request, once you have a working AWS provisioning, screenshots from AWS.

Thanks
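The checklist in the reply above, written as a pre-flight check on SCIM 2.0 User and Group resources before they are pushed to the tenant. This is an added example, not code from the thread or from Netskope: attribute names follow the SCIM core schema (RFC 7643), while the exact-match UPN comparison, the rule that group members must be validated users, and the sample records are assumptions.

```python
# Added example: pre-flight check of SCIM 2.0 resources; sample data is constructed.
USER_URN = "urn:ietf:params:scim:schemas:core:2.0:User"
GROUP_URN = "urn:ietf:params:scim:schemas:core:2.0:Group"

def check_user(res, upn):
    """Problems in one SCIM User; `upn` is the source directory's UPN (assumed input)."""
    problems = []
    if USER_URN not in res.get("schemas", []):
        problems.append("not a SCIM 2.0 User resource")
    username = (res.get("userName") or "").strip()
    if not username:
        problems.append("userName missing")
    elif username != (upn or "").strip():  # exact comparison: an assumption
        problems.append("userName does not match UPN")
    if not any(e.get("value") for e in res.get("emails") or []):
        problems.append("email address missing")
    return problems  # name.givenName / name.familyName are optional, so not checked

def check_group(res, user_ids):
    """Problems in one SCIM Group; members must be validated users (an assumption)."""
    problems = []
    if GROUP_URN not in res.get("schemas", []):
        problems.append("not a SCIM 2.0 Group resource")
    if not (res.get("displayName") or "").strip():
        problems.append("group name (displayName) missing")
    members = res.get("members") or []
    if not members:
        problems.append("group has no members")
    problems += [f"unknown member {m.get('value')}" for m in members
                 if m.get("value") not in user_ids]
    return problems

# Constructed sample: (SCIM User, UPN taken from the source directory)
USERS = [
    ({"schemas": [USER_URN], "id": "u1", "userName": "ana@example.com",
      "emails": [{"value": "ana@example.com", "primary": True}]}, "ana@example.com"),
    ({"schemas": [USER_URN], "id": "u2", "userName": "bob",
      "emails": []}, "bob@example.com"),
]
GROUPS = [{"schemas": [GROUP_URN], "displayName": "Finance",
           "members": [{"value": "u1"}, {"value": "u2"}]}]

def preflight(users, groups):
    """Map each resource to its problems; users with problems are not valid members."""
    report = {u["id"]: check_user(u, upn) for u, upn in users}
    ok_ids = {uid for uid, probs in report.items() if not probs}
    report.update({g.get("displayName", "?"): check_group(g, ok_ids) for g in groups})
    return report

print(preflight(USERS, GROUPS))
```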
