I figured out how to get JumpCloud SSO working with the AWS Grafana managed service, and thought I would write a post outlining the steps I went through. This is just what worked for me. I'm open to suggestions for improvements.
First, we need to set up the basic SSO between JumpCloud and Grafana. This will allow you to log into the Grafana service as a “viewer” but won’t provide “editor” or “admin” rights.
Starting with the Grafana service, we have to create a new workspace and start to configure it.
Next we move to the JumpCloud console and configure it using the values from the AWS Grafana setup.
Go back to the Grafana console and finish up.
In order to access Grafana as an “editor” or an “admin” we need to do a couple of extra steps.
We’re going to create some user groups to indicate Grafana editors and administrators, or you could use already existing groups.
In each group, add a Custom Attribute:
We also need to update the Grafana SSO application slightly to add a new attribute.
Under “Attributes” add a new attribute with these values:
Finally, we need to tell Grafana how to recognize “admins” and “editors”.
Editor role values: Editor
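
The role mapping described above can be checked offline against a decoded SAML assertion before relying on it for access control. The Python sketch below is an added example, not part of the original post or of Grafana's own code; the attribute name `grafanaRole`, the admin value `Admin`, and the admin-before-editor precedence are assumptions, while the editor value `Editor` comes from the post.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Assumed workspace settings. Only the "Editor" value appears in the post;
# the attribute name and the admin value are hypothetical placeholders.
ROLE_ATTRIBUTE = "grafanaRole"
ADMIN_VALUES = {"Admin"}
EDITOR_VALUES = {"Editor"}

def attribute_values(assertion_xml, name):
    """Return every AttributeValue sent for the named SAML attribute."""
    root = ET.fromstring(assertion_xml)
    values = []
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        if attr.get("Name") == name:
            values += [(v.text or "").strip()
                       for v in attr.iterfind("saml:AttributeValue", NS)]
    return values

def expected_role(assertion_xml):
    """Role this sketch expects the user to get.

    Assumption: admin values win over editor values, and a user whose
    assertion carries neither falls back to viewer (the default the post
    describes for basic SSO).
    """
    values = set(attribute_values(assertion_xml, ROLE_ATTRIBUTE))
    if values & ADMIN_VALUES:
        return "admin"
    if values & EDITOR_VALUES:
        return "editor"
    return "viewer"

def make_assertion(role_values):
    """Build a constructed (not captured) assertion for testing the mapping."""
    vals = "".join(f"<saml:AttributeValue>{v}</saml:AttributeValue>"
                   for v in role_values)
    role = (f'<saml:Attribute Name="{ROLE_ATTRIBUTE}">{vals}</saml:Attribute>'
            if role_values else "")
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:AttributeStatement>'
            '<saml:Attribute Name="email"><saml:AttributeValue>user@example.com'
            f'</saml:AttributeValue></saml:Attribute>{role}'
            '</saml:AttributeStatement></saml:Assertion>')

if __name__ == "__main__":
    for groups in ([], ["Editor"], ["Editor", "Admin"]):
        print(groups, "->", expected_role(make_assertion(groups)))
```

Running the same check on an assertion captured from a test login for a user in no Grafana group confirms that the account stays at viewer.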