Configuring AWS as a Service Provider in Access Manager

  1. Click Devices > Identity Servers > Edit > SAML 2.0 > New > Service Provider.

  2. Specify the following details:

    Provider Type: Select Amazon Web Services.

    By default, the Metadata Text source is selected and Text is pre-filled with the metadata XML.

    Title: Specify a name for the provider and click Next.

    Role ARN: Specify the role ARN. For example, arn:aws:iam::625143326143:role/MyAdmin

    Trusted SAML Provider ARN: Specify the trusted SAML provider ARN. For example, arn:aws:iam::625143326143:saml-provider/idp1

    To fetch ARN values, see Enabling Web Single Sign-On in the AWS Console.

    NOTE: Role ARN and Trusted SAML Provider ARN are used to create the attribute mapping. If you have configured multiple roles in AWS, you can add any Role ARN while creating a service provider. To modify the attribute set, see Re-Mapping Attribute Sets.

  3. Review the metadata certificates and click Finish.

  4. Click OK, then update Identity Server.
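
A pre-check for the two ARNs entered in step 2, as an added example that is not part of the product documentation: it validates the IAM ARN syntax, confirms each ARN names the expected resource type, and builds the comma-separated pair that AWS reads from the SAML Role attribute. The function names and the sample account ID are constructed; that the attribute mapping Access Manager creates corresponds to this standard AWS Role attribute, and that both ARNs belong to one account, are assumptions of the example.

```python
import re

# Attribute name AWS reads role/provider pairs from in a SAML assertion.
ROLE_ATTRIBUTE = "https://aws.amazon.com/SAML/Attributes/Role"

# IAM ARNs have an empty region field, hence the double colon after "iam".
_IAM_ARN = re.compile(
    r"^arn:(aws|aws-cn|aws-us-gov):iam::(\d{12}):(role|saml-provider)/([\w+=,.@/-]+)$"
)


def parse_iam_arn(arn):
    """Return (partition, account, resource_type, name) or raise ValueError."""
    m = _IAM_ARN.match(arn.strip())
    if not m:
        raise ValueError(f"not a well-formed IAM role/saml-provider ARN: {arn!r}")
    return m.groups()


def role_attribute_value(role_arn, provider_arn):
    """Validate both ARNs and return the value for the Role attribute."""
    r_part, r_acct, r_type, _ = parse_iam_arn(role_arn)
    p_part, p_acct, p_type, _ = parse_iam_arn(provider_arn)
    if r_type != "role":
        raise ValueError("Role ARN must name a role/ resource")
    if p_type != "saml-provider":
        raise ValueError("Trusted SAML Provider ARN must name a saml-provider/ resource")
    if (r_part, r_acct) != (p_part, p_acct):
        # Assumption of this example: both ARNs come from the same AWS account,
        # so a mismatch is treated as a copy/paste error.
        raise ValueError("role and SAML provider belong to different accounts")
    return f"{role_arn.strip()},{provider_arn.strip()}"


if __name__ == "__main__":
    # Constructed sample values (placeholder account ID, not from the page).
    role = "arn:aws:iam::123456789012:role/MyAdmin"
    idp = "arn:aws:iam::123456789012:saml-provider/idp1"
    print(ROLE_ATTRIBUTE, "=", role_attribute_value(role, idp))
```

Running the check before clicking Finish catches swapped fields and ARNs pasted from the wrong account, which otherwise surface only as a failed sign-in at AWS.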