Module types

Source

Expand description

Data structures used by operation inputs/outputs.

Modules§

builders: Builders
error: Error types that AWS Single Sign-On Admin can respond with.

Structs§

AccessControlAttribute: These are IAM Identity Center identity store attributes that you can configure for use in attributes-based access control (ABAC). You can create permissions policies that determine who can access your Amazon Web Services resources based upon the configured attribute values. When you enable ABAC and specify AccessControlAttributes, IAM Identity Center passes the attribute values of the authenticated user into IAM for use in policy evaluation.
AccessControlAttributeValue: The value used for mapping a specified attribute to an identity source. For more information, see Attribute mappings in the IAM Identity Center User Guide.
AccountAssignment: The assignment that indicates a principal's limited access to a specified Amazon Web Services account with a specified permission set.

The term principal here refers to a user or group that is defined in IAM Identity Center.
AccountAssignmentForPrincipal: A structure that describes an assignment of an Amazon Web Services account to a principal and the permissions that principal has in the account.
AccountAssignmentOperationStatus: The status of the creation or deletion operation of an assignment that a principal needs to access an account.
AccountAssignmentOperationStatusMetadata: Provides information about the AccountAssignment creation request.
Application: A structure that describes an application that uses IAM Identity Center for access management.
ApplicationAssignment: A structure that describes an assignment of a principal to an application.
ApplicationAssignmentForPrincipal: A structure that describes an application to which a principal is assigned.
ApplicationProvider: A structure that describes a provider that can be used to connect an Amazon Web Services managed application or customer managed application to IAM Identity Center.
AttachedManagedPolicy: A structure that stores a list of managed policy ARNs that describe the associated Amazon Web Services managed policy.
AuthenticationMethodItem: A structure that describes an authentication method and its type.
AuthorizationCodeGrant: A structure that defines configuration settings for an application that supports the OAuth 2.0 Authorization Code Grant.
AuthorizedTokenIssuer: A structure that describes a trusted token issuer and associates it with a set of authorized audiences.
CustomerManagedPolicyReference: Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
DisplayData: A structure that describes how the portal represents an application provider.
GrantItem: A structure that defines a single grant and its configuration.
IamAuthenticationMethod: A structure that describes details for authentication that uses IAM.
InstanceAccessControlAttributeConfiguration: Specifies the attributes to add to your attribute-based access control (ABAC) configuration.
InstanceMetadata: Provides information about the IAM Identity Center instance.
JwtBearerGrant: A structure that defines configuration settings for an application that supports the JWT Bearer Token Authorization Grant. The AuthorizedAudience field is the aud claim. For more information, see RFC 7523.
ListAccountAssignmentsFilter: A structure that describes a filter for account assignments.
ListApplicationAssignmentsFilter: A structure that describes a filter for application assignments.
ListApplicationsFilter: A structure that describes a filter for applications.
OidcJwtConfiguration: A structure that describes configuration settings for a trusted token issuer that supports OpenID Connect (OIDC) and JSON Web Tokens (JWTs).
OidcJwtUpdateConfiguration: A structure that describes updated configuration settings for a trusted token issuer that supports OpenID Connect (OIDC) and JSON Web Tokens (JWTs).
OperationStatusFilter: Filters the operation status list based on the passed attribute value.
PermissionSet: An entity that contains IAM policies.
PermissionSetProvisioningStatus: A structure that is used to provide the status of the provisioning operation for a specified permission set.
PermissionSetProvisioningStatusMetadata: Provides information about the permission set provisioning status.
PermissionsBoundary: Specifies the configuration of the Amazon Web Services managed or customer managed policy that you want to set as a permissions boundary. Specify either CustomerManagedPolicyReference to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an Amazon Web Services managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide.

Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide.
PortalOptions: A structure that describes the options for the access portal associated with an application.
RefreshTokenGrant: A structure that defines configuration settings for an application that supports the OAuth 2.0 Refresh Token Grant. For more, see RFC 6749.
ResourceServerConfig: A structure that describes the configuration of a resource server.
ResourceServerScopeDetails: A structure that describes details for an IAM Identity Center access scope that is associated with a resource server.
ScopeDetails: A structure that describes an IAM Identity Center access scope and its authorized targets.
SignInOptions: A structure that describes the sign-in options for an application portal.
Tag: A set of key-value pairs that are used to manage the resource. Tags can only be applied to permission sets and cannot be applied to corresponding roles that IAM Identity Center creates in Amazon Web Services accounts.
TokenExchangeGrant: A structure that defines configuration settings for an application that supports the OAuth 2.0 Token Exchange Grant. For more information, see RFC 8693.
TrustedTokenIssuerMetadata: A structure that describes a trusted token issuer.
UpdateApplicationPortalOptions: A structure that describes the options for the access portal associated with an application that can be updated.

Enums§

ApplicationStatus: When writing a match expression against ApplicationStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
ApplicationVisibility: When writing a match expression against ApplicationVisibility, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
AuthenticationMethod: A structure that describes an authentication method that can be used by an application.
AuthenticationMethodType: When writing a match expression against AuthenticationMethodType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
FederationProtocol: When writing a match expression against FederationProtocol, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
Grant: The Grant union represents the set of possible configuration options for the selected grant type. Exactly one member of the union must be specified, and must match the grant type selected.
GrantType: When writing a match expression against GrantType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
InstanceAccessControlAttributeConfigurationStatus: When writing a match expression against InstanceAccessControlAttributeConfigurationStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
InstanceStatus: When writing a match expression against InstanceStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
JwksRetrievalOption: When writing a match expression against JwksRetrievalOption, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
PrincipalType: When writing a match expression against PrincipalType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
ProvisionTargetType: When writing a match expression against ProvisionTargetType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
ProvisioningStatus: When writing a match expression against ProvisioningStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
SignInOrigin: When writing a match expression against SignInOrigin, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
StatusValues: When writing a match expression against StatusValues, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
TargetType: When writing a match expression against TargetType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
TrustedTokenIssuerConfiguration: A structure that describes the configuration of a trusted token issuer. The structure and available settings are determined by the type of the trusted token issuer.
TrustedTokenIssuerType: When writing a match expression against TrustedTokenIssuerType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
TrustedTokenIssuerUpdateConfiguration: A structure that contains details to be updated for a trusted token issuer configuration. The structure and settings that you can include depend on the type of the trusted token issuer being updated.

Module typesCopy item path

Modules§

Structs§

Enums§

Module types