IAM
Space shortcuts

Log in to ASTRA
Manage UW Groups
Manage UW NetID Resources
Manage Certificates
Register/Update Shibboleth SP

IAM in Service Catalog

Access Management
Authentication
Directory Services
UW NetID
UW Directory
Microsoft Infrastructure

Page Tree

Child pages
  • Identity Registry Event Notification Topics and Message Formats
Skip to end of metadata
Go to start of metadata

Identity Registry event notifications are configured to post several types of notifications to Amazon SNS topics when various Registry data is added, modified, or deleted. This page describes the topics and corresponding message formats. To receive notifications you must make a request.

Request Identity Registry Event Notifications

Topics

The Identity Registry supports six SNS topics from each of the Identity Registry environments (production, evaluation, and development). Each topic has a unique ARN value . The full ARN for each of the topics listed below can be derived by prepending the following string:

arn:aws:sns:us-east-1:611509864246:

Production Environment

From mango.u.washington.edu

  • idreg-v1-regid
  • idreg-v1-source
  • idreg-v1-idattribute
  • idreg-v1-uwnetid
  • idreg-v1-subscription
  • idreg-v1-sponsor

Evaluation Environment

From mango-eval.u.washington.edu

  • idreg-eval-v1-regid
  • idreg-eval-v1-source
  • idreg-eval-v1-idattribute
  • idreg-eval-v1-uwnetid
  • idreg-eval-v1-subscription
  • idreg-eval-v1-sponsor

Development Environment

From mango-dev.u.washington.edu

  • idreg-dev-v1-regid
  • idreg-dev-v1-source
  • idreg-dev-v1-idattribute
  • idreg-dev-v1-uwnetid
  • idreg-dev-v1-subscription
  • idreg-dev-v1-sponsor

Token/Authentication to read SQS

AWS protocol

V1 Message Formats

Topic

Data Type

Description

Triggers

Format

idreg-v1-regidRegidAny change to a regid record, add, delete, modification.
  • regid table changes
  • validation table internal key changes
message: {
  "type":"insert|modify|delete",
  "regid":"target_regid"
}
context: {
  "system_type":"dev|eval|prod",
  "version":"v1",
  "topic":"regid"
  "tags":["account",
          "person",
          "whitepages"]
}
sender: idregistry
contentType: json
idreg-v1-sourceSource record data

Any change to source record validation data, including record added, record deleted, attributes added/deleted/modified.

Type 'rename' indicates primary identifer has changed.

  • validation table changes
  • verify table changes (not source 0)
  • category table changes (not source 0)
message: {
  "type":"insert|modify|delete|rename",
  "regid":"target_regid",
  "source":"source_number",
  "id":"source_id"
}
context: {
  "system_type":"dev|eval|prod",
  "version":"v1",
  "topic":"source"
  "tags":["person",
          "whitepages",
          "account",
          "eduperson"]
}
sender: idregistry
contentType: json
idreg-v1-idattributeUnsourced attributes

Any change to unsourced attributes in Identity Registration DB.

e.g., preferred name data.

Type 'test' is for testing viability of SQS only.

  • verify table changes (source 0)
  • category table changes (source 0)
message: {
  "type":"insert|modify|delete|test",
  "regid":"target_regid"
}
context: {
  "system_type":"dev|eval|prod",
  "version":"v1",
  "topic":"idattribute"
  "tags":["person",
          "whitepages",
          "eduperson"]
}
sender: idregistry
contentType: json
idreg-v1-uwnetidUW NetID

Any change to a UW NetID record, wanted UW NetIDs are not reported.

Type 'rename' indicates primary identifier has changed.

  • uwnetid table changes
message: {
  "type":"insert|modify|delete|rename",
  "regid":"target_regid",
  "uwnetid":"target_uwnetid"
}
context: {
  "system_type":"dev|eval|prod",
  "version":"v1",
  "topic":"uwnetid"
  "tags":["account",
          "person",
          "whitepages"]
}
sender: idregistry
contentType: json

idreg-v1-subscriptionSubscription changesAny change to a subscription record.
  • subscription table changes
message: {
  "type":"insert|modify|delete",
  "subscription":"subscription_code",
  "uwnetid":"target_uwnetid"
}
context: {
  "system_type":"dev|eval|prod",
  "version":"v1",
  "topic":"subscription"
  "tags":["account",
          "password",
          "forward"]
}
sender: idregistry
contentType: json

idreg-v1-sponsorSponsorship changesChanges in relationships between a source 4 (AVF) record and another entity
  • sponsor table changes
message: {
  "type":"insert|modify|delete",
  "regid":"target_regid",
  "sponsor":"related_sponsor_regid"
}
context: {
  "system_type":"dev|eval|prod",
  "version":"v1",
  "topic":"sponsor"
  "tags":[]
}
sender: idregistry
contentType: json

Tags

The tags attribute is an indicator to let the receiver know if the change may affect one of the "directory domains" or similar external store (password). The tags presented will vary depending on the type of change that precipitated the event. 

Directory targets are traditionally:

  • Person: ou=People,dc=personregistry,dc=washington,dc=edu
  • Account: dc=accounts,dc=washington,dc=edu
  • Forward: cn=UWNetID,dc=u,dc=washington,dc=edu
  • Whitepages: ou=People,o=University of Washington,c=US
  • No labels

Have a question? Contact us at iam-support@uw.edu.