customSchemas 补丁的最大大小?
Maximum Size of patch to customSchemas?
我的 SDK 有问题。我跟随 this guide 获得了 AWS 的 SSO。我可以使用我的代码添加 4 个角色,但之后我得到了 413。
我的架构包含 SSO 角色数组下的所有角色。因此,我制作的每个补丁都要求我根据 the docs:
重新提交整个角色数组
Note about arrays: Patch requests that contain arrays replace the existing array with the one you provide. You cannot modify, add, or delete items in an array in a piecemeal fashion.
Python 片段:
service.users().patch(userKey=email, body=new_custom_schema).execute()
new_custom_schema 是一个包含 customSchema 及以下所有节点的字典。
错误
googleapiclient.errors.HttpError: <HttpError 413 when requesting https://www.googleapis.com/admin/directory/v1/users/user@domain.com?alt=json returned "Profile quota is exceeded.: Data is too large for">
示例架构插入:
{
"fields":
[
{
"fieldName": "role",
"fieldType": "STRING",
"readAccessType": "ADMINS_AND_SELF",
"multiValued": true
}
],
"schemaName": "SSO"
}
示例用户补丁:
{
"customSchemas": {
"SSO": {
"role": [
{
"customType": "AWSaccount1ReadOnly",
"type": "work",
"value": "arn:aws:iam::12345678910:role/gapps_readonly,arn:aws:iam::12345678910:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount1Admin",
"type": "work",
"value": "arn:aws:iam::12345678910:role/gapps_admin,arn:aws:iam::12345678910:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount2ReadOnly",
"type": "work",
"value": "arn:aws:iam::5101520253035:role/gapps_readonly,arn:aws:iam::5101520253035:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount2Admin",
"type": "work",
"value": "arn:aws:iam::5101520253035:role/gapps_admin,arn:aws:iam::5101520253035:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount3ReadOnly",
"type": "work",
"value": "arn:aws:iam::3691215182124:role/gapps_readonly,arn:aws:iam::3691215182124:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount3Admin",
"type": "work",
"value": "arn:aws:iam::3691215182124:role/gapps_admin,arn:aws:iam::3691215182124:saml-provider/GoogleApps"
}
]
}
}
}
在这个例子中,我可以毫无问题地提交前 5 个
如有任何想法,我们将不胜感激。
我向 Google 提交了支持票,发现自定义架构中的多值字段有 4KB(~1000 个字符)的限制。
所以,有几个选项:
- 选择不同的 SAML IdP
根据需要创建多个 SAML 应用程序以绕过限制。
[更新]
您不能拥有多个具有相同实体 ID 的 SAML 应用程序。
[更新 2]
新限制似乎大约是旧限制的两倍。介于 2087 - 2315 个字符之间
[更新 3]
看起来这个限制已经显着提高了。 space 我还没有 运行。
我能够得到关于请求大小的答案:
array_length * 100 + SUM(value_lengths) <= ~32000
示例:
[ "{500 bytes}", "{500 bytes}", "{500 bytes}" ]
array_length is 3
SUM(value_lengths) is 1500
3 * 100 + 1500 + 4 = 1804
我的 SDK 有问题。我跟随 this guide 获得了 AWS 的 SSO。我可以使用我的代码添加 4 个角色,但之后我得到了 413。
我的架构包含 SSO 角色数组下的所有角色。因此,我制作的每个补丁都要求我根据 the docs:
重新提交整个角色数组Note about arrays: Patch requests that contain arrays replace the existing array with the one you provide. You cannot modify, add, or delete items in an array in a piecemeal fashion.
Python 片段:
service.users().patch(userKey=email, body=new_custom_schema).execute()
new_custom_schema 是一个包含 customSchema 及以下所有节点的字典。
错误
googleapiclient.errors.HttpError: <HttpError 413 when requesting https://www.googleapis.com/admin/directory/v1/users/user@domain.com?alt=json returned "Profile quota is exceeded.: Data is too large for">
示例架构插入:
{
"fields":
[
{
"fieldName": "role",
"fieldType": "STRING",
"readAccessType": "ADMINS_AND_SELF",
"multiValued": true
}
],
"schemaName": "SSO"
}
示例用户补丁:
{
"customSchemas": {
"SSO": {
"role": [
{
"customType": "AWSaccount1ReadOnly",
"type": "work",
"value": "arn:aws:iam::12345678910:role/gapps_readonly,arn:aws:iam::12345678910:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount1Admin",
"type": "work",
"value": "arn:aws:iam::12345678910:role/gapps_admin,arn:aws:iam::12345678910:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount2ReadOnly",
"type": "work",
"value": "arn:aws:iam::5101520253035:role/gapps_readonly,arn:aws:iam::5101520253035:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount2Admin",
"type": "work",
"value": "arn:aws:iam::5101520253035:role/gapps_admin,arn:aws:iam::5101520253035:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount3ReadOnly",
"type": "work",
"value": "arn:aws:iam::3691215182124:role/gapps_readonly,arn:aws:iam::3691215182124:saml-provider/GoogleApps"
},
{
"customType": "AWSaccount3Admin",
"type": "work",
"value": "arn:aws:iam::3691215182124:role/gapps_admin,arn:aws:iam::3691215182124:saml-provider/GoogleApps"
}
]
}
}
}
在这个例子中,我可以毫无问题地提交前 5 个
如有任何想法,我们将不胜感激。
我向 Google 提交了支持票,发现自定义架构中的多值字段有 4KB(~1000 个字符)的限制。
所以,有几个选项:
- 选择不同的 SAML IdP
根据需要创建多个 SAML 应用程序以绕过限制。
[更新]
您不能拥有多个具有相同实体 ID 的 SAML 应用程序。
[更新 2]
新限制似乎大约是旧限制的两倍。介于 2087 - 2315 个字符之间
[更新 3]
看起来这个限制已经显着提高了。 space 我还没有 运行。
我能够得到关于请求大小的答案:
array_length * 100 + SUM(value_lengths) <= ~32000
示例:
[ "{500 bytes}", "{500 bytes}", "{500 bytes}" ]
array_length is 3
SUM(value_lengths) is 1500
3 * 100 + 1500 + 4 = 1804