...
If the SAML provider does not already exist in the account, it will need to be created. This step is required only once per account, not per-role.
Download & save the CUIT SAML Metadata Document to a local file
Login to your AWS Account console as a user with full IAM Administrator privileges
Open the IAM console
In the pane on the left, click Identity Providers
Click Create
On the Configure Provider page, choose provider type SAML
Set the Provider Name to “ColumbiaProdShibboleth”
Click Choose File next to the Metadata Document field
Select the metadata file
you downloaded, and click Next StepView file name CUProdSAMLMetadata.xml On the Verify Provider Information page, click Create
...