How to update User-Role Mapping through the Manager Console

  1. Before starting, move to the “accounts" panel in order to be sure to already have roles or follow this tutorial to add some. Be sure to have the same roles existing in this section already prepared on AWS.

  1. Go to the dashboard, then move to the “Users” tab.



What you'll get is a list of all the company Users registered as eligible to use LookAuth Client. You now have to define which Role they can assume at Login. To do so, click on the  icon on the right to access the user-role association page.


  1. At this point, you'll get two different tables: the one on the left contains the accounts and the roles created, but not associated, yet. It's from the table on the right that you’ll be able to set the correct Role-Account association, based on a chosen user.

       


See the image below for a detailed description of table one.


In order to create a valid association, click on thebutton to make the Account-Role association appear in the right panel.



Once you are satisfied with all your associations (you can do the same operation for different accounts in one shot), click on the “save button” and then on the icon (or just return to the “user” tab to go back to the user list.


Notice: during the association operation you will be prompted with the modal shown below. This is a reminder: to make the just created association working, you have to copy the information provided in the G Suite console and paste them under “user information” -> “AWS SAML”.