Module aws_sdk_ssoadmin::model
source · [−]Expand description
Data structures used by operation inputs/outputs.
Modules
Structs
These are Amazon Web Services SSO identity store attributes that you can configure for use in attributes-based access control (ABAC). You can create permissions policies that determine who can access your Amazon Web Services resources based upon the configured attribute values. When you enable ABAC and specify AccessControlAttributes, Amazon Web Services SSO passes the attribute values of the authenticated user into IAM for use in policy evaluation.
The value used for mapping a specified attribute to an identity source. For more information, see Attribute mappings in the Amazon Web Services Single Sign-On User Guide.
The assignment that indicates a principal's limited access to a specified Amazon Web Services account with a specified permission set.
The status of the creation or deletion operation of an assignment that a principal needs to access an account.
Provides information about the AccountAssignment creation request.
A structure that stores the details of the Amazon Web Services managed IAM policy.
Specifies the name and path of the IAM customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
Specifies the attributes to add to your attribute-based access control (ABAC) configuration.
Provides information about the SSO instance.
Filters he operation status list based on the passed attribute value.
An entity that contains IAM policies.
A structure that is used to provide the status of the provisioning operation for a specified permission set.
Provides information about the permission set provisioning status.
Specifies the configuration of the Amazon Web Services managed or customer managed policy that you want to set as a permissions boundary. Specify either CustomerManagedPolicyReference to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an Amazon Web Services managed IAM policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the Identity and Access Management User Guide.
A set of key-value pairs that are used to manage the resource. Tags can only be applied to permission sets and cannot be applied to corresponding roles that Amazon Web Services SSO creates in Amazon Web Services accounts.