customSchemas的最大修补程序大小? [英] Maximum Size of patch to customSchemas?
问题描述
I'm having an issue with the SDK. I followed this guide to get SSO with AWS. I'm able to add 4 roles using my code, but after that I get a 413.
我的架构包含SSO角色数组下的所有角色.因此,我制作的每个补丁都要求我根据文档:
My schema contains all of the roles under the SSO role array. So, each patch I make requires me to resubmit the entire role array according to the docs:
关于数组的说明:包含数组的修补程序请求将现有的数组替换为您提供的数组.您不能以零散的方式修改,添加或删除数组中的项目.
Note about arrays: Patch requests that contain arrays replace the existing array with the one you provide. You cannot modify, add, or delete items in an array in a piecemeal fashion.
Python代码段:
service.users().patch(userKey=email, body=new_custom_schema).execute()
new_custom_schema是一个字典,其中包含包括customSchema在内的所有节点.
new_custom_schema is a dictionary containing all nodes including and below customSchema.
错误
googleapiclient.errors.HttpError: <HttpError 413 when requesting https://www.googleapis.com/admin/directory/v1/users/user@domain.com?alt=json returned "Profile quota is exceeded.: Data is too large for">
示例架构插入:
{
"fields":
[
{
"fieldName": "role",
"fieldType": "STRING",
"readAccessType": "ADMINS_AND_SELF",
"multiValued": true
}
],
"schemaName": "SSO"
}
示例用户补丁程序:
{
"customSchemas": {
"SSO": {
"role": [
{
"customType": "AWSaccount1ReadOnly",
"type": "work",
"value": "arn:aws:iam::12345678910:role/gapps_readonly,arn:aws:iam::12345678910:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount1Admin",
"type": "work",
"value": "arn:aws:iam::12345678910:role/gapps_admin,arn:aws:iam::12345678910:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount2ReadOnly",
"type": "work",
"value": "arn:aws:iam::5101520253035:role/gapps_readonly,arn:aws:iam::5101520253035:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount2Admin",
"type": "work",
"value": "arn:aws:iam::5101520253035:role/gapps_admin,arn:aws:iam::5101520253035:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount3ReadOnly",
"type": "work",
"value": "arn:aws:iam::3691215182124:role/gapps_readonly,arn:aws:iam::3691215182124:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount3Admin",
"type": "work",
"value": "arn:aws:iam::3691215182124:role/gapps_admin,arn:aws:iam::3691215182124:saml-provider/GoogleApps"
}
]
}
}
}
在此示例中,我可以无问题地提交前5个
任何想法都将不胜感激.
Any ideas would be greatly appreciated.
推荐答案
我向Google提交了支持票,发现自定义架构中的多值字段限制为4KB(约1000个字符).
I submitted a support ticket to Google and found out that there is a 4KB (~1000 characters) limit on the multivalued field in a custom schema.
因此,有两种选择:
- 选择其他SAML IdP
-
根据需要创建多个SAML应用,以解决限制.
[更新]
您不能有多个具有相同实体ID的SAML应用.
You can't have multiple SAML apps with the same entity ID.
[更新2]
新限制似乎是旧限制的大约两倍. 2087-2315个字符之间的某个地方
The new limit seems to be roughly double the old limit. Somewhere between 2087 - 2315 characters
[更新3]
此限制似乎已大大增加.我还没有足够的空间.
It looks like this limit has been significantly increased. I have not run out of space yet.
这篇关于customSchemas的最大修补程序大小?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!