aws-sdk-ssoadmin 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 78d783a645187efcf7dce2479fc3fe2a1d351075628a297a7b3289d724d99b6e
4
+ data.tar.gz: 1b8c5e150cb4eeddd208a37b6e213207fd93429a8ddd040c566d0357178c20f1
5
+ SHA512:
6
+ metadata.gz: 92985c1203c9f42d6dbac2b7b53dd58be3bbf45bd5182f49e1fa05bbb5406bcacacda821013a6f477a951d02177003953a2bcc4354a223019d2abea9d52cd5fa
7
+ data.tar.gz: 82841762be02e70d77f0fa2a977995c2fd918d9b3cc304430b560e2b5b5d5ea27ccd6dce9b3af5409273d9dae8bb4a0154c91c5caf4505910449bf3270f1a2fb
@@ -0,0 +1,52 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'aws-sdk-core'
11
+ require 'aws-sigv4'
12
+
13
+ require_relative 'aws-sdk-ssoadmin/types'
14
+ require_relative 'aws-sdk-ssoadmin/client_api'
15
+ require_relative 'aws-sdk-ssoadmin/client'
16
+ require_relative 'aws-sdk-ssoadmin/errors'
17
+ require_relative 'aws-sdk-ssoadmin/resource'
18
+ require_relative 'aws-sdk-ssoadmin/customizations'
19
+
20
+ # This module provides support for AWS Single Sign-On Admin. This module is available in the
21
+ # `aws-sdk-ssoadmin` gem.
22
+ #
23
+ # # Client
24
+ #
25
+ # The {Client} class provides one method for each API operation. Operation
26
+ # methods each accept a hash of request parameters and return a response
27
+ # structure.
28
+ #
29
+ # sso_admin = Aws::SSOAdmin::Client.new
30
+ # resp = sso_admin.attach_managed_policy_to_permission_set(params)
31
+ #
32
+ # See {Client} for more information.
33
+ #
34
+ # # Errors
35
+ #
36
+ # Errors returned from AWS Single Sign-On Admin are defined in the
37
+ # {Errors} module and all extend {Errors::ServiceError}.
38
+ #
39
+ # begin
40
+ # # do stuff
41
+ # rescue Aws::SSOAdmin::Errors::ServiceError
42
+ # # rescues all AWS Single Sign-On Admin API errors
43
+ # end
44
+ #
45
+ # See {Errors} for more information.
46
+ #
47
+ # @!group service
48
+ module Aws::SSOAdmin
49
+
50
+ GEM_VERSION = '1.0.0'
51
+
52
+ end
@@ -0,0 +1,1624 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'seahorse/client/plugins/content_length.rb'
11
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
12
+ require 'aws-sdk-core/plugins/logging.rb'
13
+ require 'aws-sdk-core/plugins/param_converter.rb'
14
+ require 'aws-sdk-core/plugins/param_validator.rb'
15
+ require 'aws-sdk-core/plugins/user_agent.rb'
16
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
17
+ require 'aws-sdk-core/plugins/retry_errors.rb'
18
+ require 'aws-sdk-core/plugins/global_configuration.rb'
19
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
20
+ require 'aws-sdk-core/plugins/endpoint_discovery.rb'
21
+ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
22
+ require 'aws-sdk-core/plugins/response_paging.rb'
23
+ require 'aws-sdk-core/plugins/stub_responses.rb'
24
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
25
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
26
+ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
+ require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
+ require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
+ require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/signature_v4.rb'
31
+ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
32
+
33
+ Aws::Plugins::GlobalConfiguration.add_identifier(:ssoadmin)
34
+
35
+ module Aws::SSOAdmin
36
+ # An API client for SSOAdmin. To construct a client, you need to configure a `:region` and `:credentials`.
37
+ #
38
+ # client = Aws::SSOAdmin::Client.new(
39
+ # region: region_name,
40
+ # credentials: credentials,
41
+ # # ...
42
+ # )
43
+ #
44
+ # For details on configuring region and credentials see
45
+ # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
46
+ #
47
+ # See {#initialize} for a full list of supported configuration options.
48
+ class Client < Seahorse::Client::Base
49
+
50
+ include Aws::ClientStubs
51
+
52
+ @identifier = :ssoadmin
53
+
54
+ set_api(ClientApi::API)
55
+
56
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
57
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
58
+ add_plugin(Aws::Plugins::Logging)
59
+ add_plugin(Aws::Plugins::ParamConverter)
60
+ add_plugin(Aws::Plugins::ParamValidator)
61
+ add_plugin(Aws::Plugins::UserAgent)
62
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
63
+ add_plugin(Aws::Plugins::RetryErrors)
64
+ add_plugin(Aws::Plugins::GlobalConfiguration)
65
+ add_plugin(Aws::Plugins::RegionalEndpoint)
66
+ add_plugin(Aws::Plugins::EndpointDiscovery)
67
+ add_plugin(Aws::Plugins::EndpointPattern)
68
+ add_plugin(Aws::Plugins::ResponsePaging)
69
+ add_plugin(Aws::Plugins::StubResponses)
70
+ add_plugin(Aws::Plugins::IdempotencyToken)
71
+ add_plugin(Aws::Plugins::JsonvalueConverter)
72
+ add_plugin(Aws::Plugins::ClientMetricsPlugin)
73
+ add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
74
+ add_plugin(Aws::Plugins::TransferEncoding)
75
+ add_plugin(Aws::Plugins::HttpChecksum)
76
+ add_plugin(Aws::Plugins::SignatureV4)
77
+ add_plugin(Aws::Plugins::Protocols::JsonRpc)
78
+
79
+ # @overload initialize(options)
80
+ # @param [Hash] options
81
+ # @option options [required, Aws::CredentialProvider] :credentials
82
+ # Your AWS credentials. This can be an instance of any one of the
83
+ # following classes:
84
+ #
85
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
86
+ # credentials.
87
+ #
88
+ # * `Aws::SharedCredentials` - Used for loading static credentials from a
89
+ # shared file, such as `~/.aws/config`.
90
+ #
91
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
92
+ #
93
+ # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
94
+ # assume a role after providing credentials via the web.
95
+ #
96
+ # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
97
+ # access token generated from `aws login`.
98
+ #
99
+ # * `Aws::ProcessCredentials` - Used for loading credentials from a
100
+ # process that outputs to stdout.
101
+ #
102
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
103
+ # from an EC2 IMDS on an EC2 instance.
104
+ #
105
+ # * `Aws::ECSCredentials` - Used for loading credentials from
106
+ # instances running in ECS.
107
+ #
108
+ # * `Aws::CognitoIdentityCredentials` - Used for loading credentials
109
+ # from the Cognito Identity service.
110
+ #
111
+ # When `:credentials` are not configured directly, the following
112
+ # locations will be searched for credentials:
113
+ #
114
+ # * `Aws.config[:credentials]`
115
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
116
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
117
+ # * `~/.aws/credentials`
118
+ # * `~/.aws/config`
119
+ # * EC2/ECS IMDS instance profile - When used by default, the timeouts
120
+ # are very aggressive. Construct and pass an instance of
121
+ # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
122
+ # enable retries and extended timeouts.
123
+ #
124
+ # @option options [required, String] :region
125
+ # The AWS region to connect to. The configured `:region` is
126
+ # used to determine the service `:endpoint`. When not passed,
127
+ # a default `:region` is searched for in the following locations:
128
+ #
129
+ # * `Aws.config[:region]`
130
+ # * `ENV['AWS_REGION']`
131
+ # * `ENV['AMAZON_REGION']`
132
+ # * `ENV['AWS_DEFAULT_REGION']`
133
+ # * `~/.aws/credentials`
134
+ # * `~/.aws/config`
135
+ #
136
+ # @option options [String] :access_key_id
137
+ #
138
+ # @option options [Boolean] :active_endpoint_cache (false)
139
+ # When set to `true`, a thread polling for endpoints will be running in
140
+ # the background every 60 secs (default). Defaults to `false`.
141
+ #
142
+ # @option options [Boolean] :adaptive_retry_wait_to_fill (true)
143
+ # Used only in `adaptive` retry mode. When true, the request will sleep
144
+ # until there is sufficent client side capacity to retry the request.
145
+ # When false, the request will raise a `RetryCapacityNotAvailableError` and will
146
+ # not retry instead of sleeping.
147
+ #
148
+ # @option options [Boolean] :client_side_monitoring (false)
149
+ # When `true`, client-side metrics will be collected for all API requests from
150
+ # this client.
151
+ #
152
+ # @option options [String] :client_side_monitoring_client_id ("")
153
+ # Allows you to provide an identifier for this client which will be attached to
154
+ # all generated client side metrics. Defaults to an empty string.
155
+ #
156
+ # @option options [String] :client_side_monitoring_host ("127.0.0.1")
157
+ # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
158
+ # side monitoring agent is running on, where client metrics will be published via UDP.
159
+ #
160
+ # @option options [Integer] :client_side_monitoring_port (31000)
161
+ # Required for publishing client metrics. The port that the client side monitoring
162
+ # agent is running on, where client metrics will be published via UDP.
163
+ #
164
+ # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
165
+ # Allows you to provide a custom client-side monitoring publisher class. By default,
166
+ # will use the Client Side Monitoring Agent Publisher.
167
+ #
168
+ # @option options [Boolean] :convert_params (true)
169
+ # When `true`, an attempt is made to coerce request parameters into
170
+ # the required types.
171
+ #
172
+ # @option options [Boolean] :correct_clock_skew (true)
173
+ # Used only in `standard` and adaptive retry modes. Specifies whether to apply
174
+ # a clock skew correction and retry requests with skewed client clocks.
175
+ #
176
+ # @option options [Boolean] :disable_host_prefix_injection (false)
177
+ # Set to true to disable SDK automatically adding host prefix
178
+ # to default service endpoint when available.
179
+ #
180
+ # @option options [String] :endpoint
181
+ # The client endpoint is normally constructed from the `:region`
182
+ # option. You should only configure an `:endpoint` when connecting
183
+ # to test or custom endpoints. This should be a valid HTTP(S) URI.
184
+ #
185
+ # @option options [Integer] :endpoint_cache_max_entries (1000)
186
+ # Used for the maximum size limit of the LRU cache storing endpoints data
187
+ # for endpoint discovery enabled operations. Defaults to 1000.
188
+ #
189
+ # @option options [Integer] :endpoint_cache_max_threads (10)
190
+ # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
191
+ #
192
+ # @option options [Integer] :endpoint_cache_poll_interval (60)
193
+ # When :endpoint_discovery and :active_endpoint_cache is enabled,
194
+ # Use this option to config the time interval in seconds for making
195
+ # requests fetching endpoints information. Defaults to 60 sec.
196
+ #
197
+ # @option options [Boolean] :endpoint_discovery (false)
198
+ # When set to `true`, endpoint discovery will be enabled for operations when available.
199
+ #
200
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
201
+ # The log formatter.
202
+ #
203
+ # @option options [Symbol] :log_level (:info)
204
+ # The log level to send messages to the `:logger` at.
205
+ #
206
+ # @option options [Logger] :logger
207
+ # The Logger instance to send log messages to. If this option
208
+ # is not set, logging will be disabled.
209
+ #
210
+ # @option options [Integer] :max_attempts (3)
211
+ # An integer representing the maximum number attempts that will be made for
212
+ # a single request, including the initial attempt. For example,
213
+ # setting this value to 5 will result in a request being retried up to
214
+ # 4 times. Used in `standard` and `adaptive` retry modes.
215
+ #
216
+ # @option options [String] :profile ("default")
217
+ # Used when loading credentials from the shared credentials file
218
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
219
+ #
220
+ # @option options [Proc] :retry_backoff
221
+ # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
222
+ # This option is only used in the `legacy` retry mode.
223
+ #
224
+ # @option options [Float] :retry_base_delay (0.3)
225
+ # The base delay in seconds used by the default backoff function. This option
226
+ # is only used in the `legacy` retry mode.
227
+ #
228
+ # @option options [Symbol] :retry_jitter (:none)
229
+ # A delay randomiser function used by the default backoff function.
230
+ # Some predefined functions can be referenced by name - :none, :equal, :full,
231
+ # otherwise a Proc that takes and returns a number. This option is only used
232
+ # in the `legacy` retry mode.
233
+ #
234
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
235
+ #
236
+ # @option options [Integer] :retry_limit (3)
237
+ # The maximum number of times to retry failed requests. Only
238
+ # ~ 500 level server errors and certain ~ 400 level client errors
239
+ # are retried. Generally, these are throttling errors, data
240
+ # checksum errors, networking errors, timeout errors, auth errors,
241
+ # endpoint discovery, and errors from expired credentials.
242
+ # This option is only used in the `legacy` retry mode.
243
+ #
244
+ # @option options [Integer] :retry_max_delay (0)
245
+ # The maximum number of seconds to delay between retries (0 for no limit)
246
+ # used by the default backoff function. This option is only used in the
247
+ # `legacy` retry mode.
248
+ #
249
+ # @option options [String] :retry_mode ("legacy")
250
+ # Specifies which retry algorithm to use. Values are:
251
+ #
252
+ # * `legacy` - The pre-existing retry behavior. This is default value if
253
+ # no retry mode is provided.
254
+ #
255
+ # * `standard` - A standardized set of retry rules across the AWS SDKs.
256
+ # This includes support for retry quotas, which limit the number of
257
+ # unsuccessful retries a client can make.
258
+ #
259
+ # * `adaptive` - An experimental retry mode that includes all the
260
+ # functionality of `standard` mode along with automatic client side
261
+ # throttling. This is a provisional mode that may change behavior
262
+ # in the future.
263
+ #
264
+ #
265
+ # @option options [String] :secret_access_key
266
+ #
267
+ # @option options [String] :session_token
268
+ #
269
+ # @option options [Boolean] :simple_json (false)
270
+ # Disables request parameter conversion, validation, and formatting.
271
+ # Also disable response data type conversions. This option is useful
272
+ # when you want to ensure the highest level of performance by
273
+ # avoiding overhead of walking request parameters and response data
274
+ # structures.
275
+ #
276
+ # When `:simple_json` is enabled, the request parameters hash must
277
+ # be formatted exactly as the DynamoDB API expects.
278
+ #
279
+ # @option options [Boolean] :stub_responses (false)
280
+ # Causes the client to return stubbed responses. By default
281
+ # fake responses are generated and returned. You can specify
282
+ # the response data to return or errors to raise by calling
283
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
284
+ #
285
+ # ** Please note ** When response stubbing is enabled, no HTTP
286
+ # requests are made, and retries are disabled.
287
+ #
288
+ # @option options [Boolean] :validate_params (true)
289
+ # When `true`, request parameters are validated before
290
+ # sending the request.
291
+ #
292
+ # @option options [URI::HTTP,String] :http_proxy A proxy to send
293
+ # requests through. Formatted like 'http://proxy.com:123'.
294
+ #
295
+ # @option options [Float] :http_open_timeout (15) The number of
296
+ # seconds to wait when opening a HTTP session before raising a
297
+ # `Timeout::Error`.
298
+ #
299
+ # @option options [Integer] :http_read_timeout (60) The default
300
+ # number of seconds to wait for response data. This value can
301
+ # safely be set per-request on the session.
302
+ #
303
+ # @option options [Float] :http_idle_timeout (5) The number of
304
+ # seconds a connection is allowed to sit idle before it is
305
+ # considered stale. Stale connections are closed and removed
306
+ # from the pool before making a request.
307
+ #
308
+ # @option options [Float] :http_continue_timeout (1) The number of
309
+ # seconds to wait for a 100-continue response before sending the
310
+ # request body. This option has no effect unless the request has
311
+ # "Expect" header set to "100-continue". Defaults to `nil` which
312
+ # disables this behaviour. This value can safely be set per
313
+ # request on the session.
314
+ #
315
+ # @option options [Boolean] :http_wire_trace (false) When `true`,
316
+ # HTTP debug output will be sent to the `:logger`.
317
+ #
318
+ # @option options [Boolean] :ssl_verify_peer (true) When `true`,
319
+ # SSL peer certificates are verified when establishing a
320
+ # connection.
321
+ #
322
+ # @option options [String] :ssl_ca_bundle Full path to the SSL
323
+ # certificate authority bundle file that should be used when
324
+ # verifying peer certificates. If you do not pass
325
+ # `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
326
+ # will be used if available.
327
+ #
328
+ # @option options [String] :ssl_ca_directory Full path of the
329
+ # directory that contains the unbundled SSL certificate
330
+ # authority files for verifying peer certificates. If you do
331
+ # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
332
+ # system default will be used if available.
333
+ #
334
+ def initialize(*args)
335
+ super
336
+ end
337
+
338
+ # @!group API Operations
339
+
340
+ # Attaches an IAM managed policy ARN to a permission set.
341
+ #
342
+ # @option params [required, String] :instance_arn
343
+ # The ARN of the SSO instance under which the operation will be
344
+ # executed. For more information about ARNs, see [Amazon Resource Names
345
+ # (ARNs) and AWS Service
346
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
347
+ # *AWS General Reference*.
348
+ #
349
+ # @option params [required, String] :permission_set_arn
350
+ # The ARN of the PermissionSet that the managed policy should be
351
+ # attached to.
352
+ #
353
+ # @option params [required, String] :managed_policy_arn
354
+ # The IAM managed policy ARN to be attached to a permission set.
355
+ #
356
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
357
+ #
358
+ # @example Request syntax with placeholder values
359
+ #
360
+ # resp = client.attach_managed_policy_to_permission_set({
361
+ # instance_arn: "InstanceArn", # required
362
+ # permission_set_arn: "PermissionSetArn", # required
363
+ # managed_policy_arn: "ManagedPolicyArn", # required
364
+ # })
365
+ #
366
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachManagedPolicyToPermissionSet AWS API Documentation
367
+ #
368
+ # @overload attach_managed_policy_to_permission_set(params = {})
369
+ # @param [Hash] params ({})
370
+ def attach_managed_policy_to_permission_set(params = {}, options = {})
371
+ req = build_request(:attach_managed_policy_to_permission_set, params)
372
+ req.send_request(options)
373
+ end
374
+
375
+ # Assigns access to a principal for a specified AWS account using a
376
+ # specified permission set.
377
+ #
378
+ # <note markdown="1"> The term *principal* here refers to a user or group that is defined in
379
+ # AWS SSO.
380
+ #
381
+ # </note>
382
+ #
383
+ # @option params [required, String] :instance_arn
384
+ # The ARN of the SSO instance under which the operation will be
385
+ # executed. For more information about ARNs, see [Amazon Resource Names
386
+ # (ARNs) and AWS Service
387
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
388
+ # *AWS General Reference*.
389
+ #
390
+ # @option params [required, String] :target_id
391
+ # The identifier for the chosen target.
392
+ #
393
+ # @option params [required, String] :target_type
394
+ # The entity type for which the assignment will be created.
395
+ #
396
+ # @option params [required, String] :permission_set_arn
397
+ # The ARN of the permission set that the admin wants to grant the
398
+ # principal access to.
399
+ #
400
+ # @option params [required, String] :principal_type
401
+ # The entity type for which the assignment will be created.
402
+ #
403
+ # @option params [required, String] :principal_id
404
+ # The identifier of the principal.
405
+ #
406
+ # @return [Types::CreateAccountAssignmentResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
407
+ #
408
+ # * {Types::CreateAccountAssignmentResponse#account_assignment_creation_status #account_assignment_creation_status} => Types::AccountAssignmentOperationStatus
409
+ #
410
+ # @example Request syntax with placeholder values
411
+ #
412
+ # resp = client.create_account_assignment({
413
+ # instance_arn: "InstanceArn", # required
414
+ # target_id: "TargetId", # required
415
+ # target_type: "AWS_ACCOUNT", # required, accepts AWS_ACCOUNT
416
+ # permission_set_arn: "PermissionSetArn", # required
417
+ # principal_type: "USER", # required, accepts USER, GROUP
418
+ # principal_id: "PrincipalId", # required
419
+ # })
420
+ #
421
+ # @example Response structure
422
+ #
423
+ # resp.account_assignment_creation_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
424
+ # resp.account_assignment_creation_status.request_id #=> String
425
+ # resp.account_assignment_creation_status.failure_reason #=> String
426
+ # resp.account_assignment_creation_status.target_id #=> String
427
+ # resp.account_assignment_creation_status.target_type #=> String, one of "AWS_ACCOUNT"
428
+ # resp.account_assignment_creation_status.permission_set_arn #=> String
429
+ # resp.account_assignment_creation_status.principal_type #=> String, one of "USER", "GROUP"
430
+ # resp.account_assignment_creation_status.principal_id #=> String
431
+ # resp.account_assignment_creation_status.created_date #=> Time
432
+ #
433
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateAccountAssignment AWS API Documentation
434
+ #
435
+ # @overload create_account_assignment(params = {})
436
+ # @param [Hash] params ({})
437
+ def create_account_assignment(params = {}, options = {})
438
+ req = build_request(:create_account_assignment, params)
439
+ req.send_request(options)
440
+ end
441
+
442
+ # Creates a permission set within a specified SSO instance.
443
+ #
444
+ # @option params [required, String] :name
445
+ # The name of the PermissionSet.
446
+ #
447
+ # @option params [String] :description
448
+ # The description of the PermissionSet.
449
+ #
450
+ # @option params [required, String] :instance_arn
451
+ # The ARN of the SSO instance under which the operation will be
452
+ # executed. For more information about ARNs, see [Amazon Resource Names
453
+ # (ARNs) and AWS Service
454
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
455
+ # *AWS General Reference*.
456
+ #
457
+ # @option params [String] :session_duration
458
+ # The length of time that the application user sessions are valid in the
459
+ # ISO-8601 standard.
460
+ #
461
+ # @option params [String] :relay_state
462
+ # Used to redirect users within the application during the federation
463
+ # authentication process.
464
+ #
465
+ # @option params [Array<Types::Tag>] :tags
466
+ # The tags to attach to the new PermissionSet.
467
+ #
468
+ # @return [Types::CreatePermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
469
+ #
470
+ # * {Types::CreatePermissionSetResponse#permission_set #permission_set} => Types::PermissionSet
471
+ #
472
+ # @example Request syntax with placeholder values
473
+ #
474
+ # resp = client.create_permission_set({
475
+ # name: "PermissionSetName", # required
476
+ # description: "PermissionSetDescription",
477
+ # instance_arn: "InstanceArn", # required
478
+ # session_duration: "Duration",
479
+ # relay_state: "RelayState",
480
+ # tags: [
481
+ # {
482
+ # key: "TagKey",
483
+ # value: "TagValue",
484
+ # },
485
+ # ],
486
+ # })
487
+ #
488
+ # @example Response structure
489
+ #
490
+ # resp.permission_set.name #=> String
491
+ # resp.permission_set.permission_set_arn #=> String
492
+ # resp.permission_set.description #=> String
493
+ # resp.permission_set.created_date #=> Time
494
+ # resp.permission_set.session_duration #=> String
495
+ # resp.permission_set.relay_state #=> String
496
+ #
497
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreatePermissionSet AWS API Documentation
498
+ #
499
+ # @overload create_permission_set(params = {})
500
+ # @param [Hash] params ({})
501
+ def create_permission_set(params = {}, options = {})
502
+ req = build_request(:create_permission_set, params)
503
+ req.send_request(options)
504
+ end
505
+
506
+ # Deletes a principal's access from a specified AWS account using a
507
+ # specified permission set.
508
+ #
509
+ # @option params [required, String] :instance_arn
510
+ # The ARN of the SSO instance under which the operation will be
511
+ # executed. For more information about ARNs, see [Amazon Resource Names
512
+ # (ARNs) and AWS Service
513
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
514
+ # *AWS General Reference*.
515
+ #
516
+ # @option params [required, String] :target_id
517
+ # The identifier for the chosen target.
518
+ #
519
+ # @option params [required, String] :target_type
520
+ # The entity type for which the assignment will be deleted.
521
+ #
522
+ # @option params [required, String] :permission_set_arn
523
+ # The ARN of the permission set that will be used to remove access.
524
+ #
525
+ # @option params [required, String] :principal_type
526
+ # The entity type for which the assignment will be deleted.
527
+ #
528
+ # @option params [required, String] :principal_id
529
+ # The identifier of the principal.
530
+ #
531
+ # @return [Types::DeleteAccountAssignmentResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
532
+ #
533
+ # * {Types::DeleteAccountAssignmentResponse#account_assignment_deletion_status #account_assignment_deletion_status} => Types::AccountAssignmentOperationStatus
534
+ #
535
+ # @example Request syntax with placeholder values
536
+ #
537
+ # resp = client.delete_account_assignment({
538
+ # instance_arn: "InstanceArn", # required
539
+ # target_id: "TargetId", # required
540
+ # target_type: "AWS_ACCOUNT", # required, accepts AWS_ACCOUNT
541
+ # permission_set_arn: "PermissionSetArn", # required
542
+ # principal_type: "USER", # required, accepts USER, GROUP
543
+ # principal_id: "PrincipalId", # required
544
+ # })
545
+ #
546
+ # @example Response structure
547
+ #
548
+ # resp.account_assignment_deletion_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
549
+ # resp.account_assignment_deletion_status.request_id #=> String
550
+ # resp.account_assignment_deletion_status.failure_reason #=> String
551
+ # resp.account_assignment_deletion_status.target_id #=> String
552
+ # resp.account_assignment_deletion_status.target_type #=> String, one of "AWS_ACCOUNT"
553
+ # resp.account_assignment_deletion_status.permission_set_arn #=> String
554
+ # resp.account_assignment_deletion_status.principal_type #=> String, one of "USER", "GROUP"
555
+ # resp.account_assignment_deletion_status.principal_id #=> String
556
+ # resp.account_assignment_deletion_status.created_date #=> Time
557
+ #
558
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteAccountAssignment AWS API Documentation
559
+ #
560
+ # @overload delete_account_assignment(params = {})
561
+ # @param [Hash] params ({})
562
+ def delete_account_assignment(params = {}, options = {})
563
+ req = build_request(:delete_account_assignment, params)
564
+ req.send_request(options)
565
+ end
566
+
567
+ # Deletes the inline policy from a specified permission set.
568
+ #
569
+ # @option params [required, String] :instance_arn
570
+ # The ARN of the SSO instance under which the operation will be
571
+ # executed. For more information about ARNs, see [Amazon Resource Names
572
+ # (ARNs) and AWS Service
573
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
574
+ # *AWS General Reference*.
575
+ #
576
+ # @option params [required, String] :permission_set_arn
577
+ # The ARN of the permission set that will be used to remove access.
578
+ #
579
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
580
+ #
581
+ # @example Request syntax with placeholder values
582
+ #
583
+ # resp = client.delete_inline_policy_from_permission_set({
584
+ # instance_arn: "InstanceArn", # required
585
+ # permission_set_arn: "PermissionSetArn", # required
586
+ # })
587
+ #
588
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteInlinePolicyFromPermissionSet AWS API Documentation
589
+ #
590
+ # @overload delete_inline_policy_from_permission_set(params = {})
591
+ # @param [Hash] params ({})
592
+ def delete_inline_policy_from_permission_set(params = {}, options = {})
593
+ req = build_request(:delete_inline_policy_from_permission_set, params)
594
+ req.send_request(options)
595
+ end
596
+
597
+ # Deletes the specified permission set.
598
+ #
599
+ # @option params [required, String] :instance_arn
600
+ # The ARN of the SSO instance under which the operation will be
601
+ # executed. For more information about ARNs, see [Amazon Resource Names
602
+ # (ARNs) and AWS Service
603
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
604
+ # *AWS General Reference*.
605
+ #
606
+ # @option params [required, String] :permission_set_arn
607
+ # The ARN of the permission set that should be deleted.
608
+ #
609
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
610
+ #
611
+ # @example Request syntax with placeholder values
612
+ #
613
+ # resp = client.delete_permission_set({
614
+ # instance_arn: "InstanceArn", # required
615
+ # permission_set_arn: "PermissionSetArn", # required
616
+ # })
617
+ #
618
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeletePermissionSet AWS API Documentation
619
+ #
620
+ # @overload delete_permission_set(params = {})
621
+ # @param [Hash] params ({})
622
+ def delete_permission_set(params = {}, options = {})
623
+ req = build_request(:delete_permission_set, params)
624
+ req.send_request(options)
625
+ end
626
+
627
+ # Describes the status of the assignment creation request.
628
+ #
629
+ # @option params [required, String] :instance_arn
630
+ # The ARN of the SSO instance under which the operation will be
631
+ # executed. For more information about ARNs, see [Amazon Resource Names
632
+ # (ARNs) and AWS Service
633
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
634
+ # *AWS General Reference*.
635
+ #
636
+ # @option params [required, String] :account_assignment_creation_request_id
637
+ # The identifier that is used to track the request operation progress.
638
+ #
639
+ # @return [Types::DescribeAccountAssignmentCreationStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
640
+ #
641
+ # * {Types::DescribeAccountAssignmentCreationStatusResponse#account_assignment_creation_status #account_assignment_creation_status} => Types::AccountAssignmentOperationStatus
642
+ #
643
+ # @example Request syntax with placeholder values
644
+ #
645
+ # resp = client.describe_account_assignment_creation_status({
646
+ # instance_arn: "InstanceArn", # required
647
+ # account_assignment_creation_request_id: "UUId", # required
648
+ # })
649
+ #
650
+ # @example Response structure
651
+ #
652
+ # resp.account_assignment_creation_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
653
+ # resp.account_assignment_creation_status.request_id #=> String
654
+ # resp.account_assignment_creation_status.failure_reason #=> String
655
+ # resp.account_assignment_creation_status.target_id #=> String
656
+ # resp.account_assignment_creation_status.target_type #=> String, one of "AWS_ACCOUNT"
657
+ # resp.account_assignment_creation_status.permission_set_arn #=> String
658
+ # resp.account_assignment_creation_status.principal_type #=> String, one of "USER", "GROUP"
659
+ # resp.account_assignment_creation_status.principal_id #=> String
660
+ # resp.account_assignment_creation_status.created_date #=> Time
661
+ #
662
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentCreationStatus AWS API Documentation
663
+ #
664
+ # @overload describe_account_assignment_creation_status(params = {})
665
+ # @param [Hash] params ({})
666
+ def describe_account_assignment_creation_status(params = {}, options = {})
667
+ req = build_request(:describe_account_assignment_creation_status, params)
668
+ req.send_request(options)
669
+ end
670
+
671
+ # Describes the status of the assignment deletion request.
672
+ #
673
+ # @option params [required, String] :instance_arn
674
+ # The ARN of the SSO instance under which the operation will be
675
+ # executed. For more information about ARNs, see [Amazon Resource Names
676
+ # (ARNs) and AWS Service
677
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
678
+ # *AWS General Reference*.
679
+ #
680
+ # @option params [required, String] :account_assignment_deletion_request_id
681
+ # The identifier that is used to track the request operation progress.
682
+ #
683
+ # @return [Types::DescribeAccountAssignmentDeletionStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
684
+ #
685
+ # * {Types::DescribeAccountAssignmentDeletionStatusResponse#account_assignment_deletion_status #account_assignment_deletion_status} => Types::AccountAssignmentOperationStatus
686
+ #
687
+ # @example Request syntax with placeholder values
688
+ #
689
+ # resp = client.describe_account_assignment_deletion_status({
690
+ # instance_arn: "InstanceArn", # required
691
+ # account_assignment_deletion_request_id: "UUId", # required
692
+ # })
693
+ #
694
+ # @example Response structure
695
+ #
696
+ # resp.account_assignment_deletion_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
697
+ # resp.account_assignment_deletion_status.request_id #=> String
698
+ # resp.account_assignment_deletion_status.failure_reason #=> String
699
+ # resp.account_assignment_deletion_status.target_id #=> String
700
+ # resp.account_assignment_deletion_status.target_type #=> String, one of "AWS_ACCOUNT"
701
+ # resp.account_assignment_deletion_status.permission_set_arn #=> String
702
+ # resp.account_assignment_deletion_status.principal_type #=> String, one of "USER", "GROUP"
703
+ # resp.account_assignment_deletion_status.principal_id #=> String
704
+ # resp.account_assignment_deletion_status.created_date #=> Time
705
+ #
706
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentDeletionStatus AWS API Documentation
707
+ #
708
+ # @overload describe_account_assignment_deletion_status(params = {})
709
+ # @param [Hash] params ({})
710
+ def describe_account_assignment_deletion_status(params = {}, options = {})
711
+ req = build_request(:describe_account_assignment_deletion_status, params)
712
+ req.send_request(options)
713
+ end
714
+
715
+ # Gets the details of the permission set.
716
+ #
717
+ # @option params [required, String] :instance_arn
718
+ # The ARN of the SSO instance under which the operation will be
719
+ # executed. For more information about ARNs, see [Amazon Resource Names
720
+ # (ARNs) and AWS Service
721
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
722
+ # *AWS General Reference*.
723
+ #
724
+ # @option params [required, String] :permission_set_arn
725
+ # The ARN of the permission set.
726
+ #
727
+ # @return [Types::DescribePermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
728
+ #
729
+ # * {Types::DescribePermissionSetResponse#permission_set #permission_set} => Types::PermissionSet
730
+ #
731
+ # @example Request syntax with placeholder values
732
+ #
733
+ # resp = client.describe_permission_set({
734
+ # instance_arn: "InstanceArn", # required
735
+ # permission_set_arn: "PermissionSetArn", # required
736
+ # })
737
+ #
738
+ # @example Response structure
739
+ #
740
+ # resp.permission_set.name #=> String
741
+ # resp.permission_set.permission_set_arn #=> String
742
+ # resp.permission_set.description #=> String
743
+ # resp.permission_set.created_date #=> Time
744
+ # resp.permission_set.session_duration #=> String
745
+ # resp.permission_set.relay_state #=> String
746
+ #
747
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSet AWS API Documentation
748
+ #
749
+ # @overload describe_permission_set(params = {})
750
+ # @param [Hash] params ({})
751
+ def describe_permission_set(params = {}, options = {})
752
+ req = build_request(:describe_permission_set, params)
753
+ req.send_request(options)
754
+ end
755
+
756
+ # Describes the status for the given permission set provisioning
757
+ # request.
758
+ #
759
+ # @option params [required, String] :instance_arn
760
+ # The ARN of the SSO instance under which the operation will be
761
+ # executed. For more information about ARNs, see [Amazon Resource Names
762
+ # (ARNs) and AWS Service
763
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
764
+ # *AWS General Reference*.
765
+ #
766
+ # @option params [required, String] :provision_permission_set_request_id
767
+ # The identifier that is provided by the ProvisionPermissionSet call to
768
+ # retrieve the current status of the provisioning workflow.
769
+ #
770
+ # @return [Types::DescribePermissionSetProvisioningStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
771
+ #
772
+ # * {Types::DescribePermissionSetProvisioningStatusResponse#permission_set_provisioning_status #permission_set_provisioning_status} => Types::PermissionSetProvisioningStatus
773
+ #
774
+ # @example Request syntax with placeholder values
775
+ #
776
+ # resp = client.describe_permission_set_provisioning_status({
777
+ # instance_arn: "InstanceArn", # required
778
+ # provision_permission_set_request_id: "UUId", # required
779
+ # })
780
+ #
781
+ # @example Response structure
782
+ #
783
+ # resp.permission_set_provisioning_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
784
+ # resp.permission_set_provisioning_status.request_id #=> String
785
+ # resp.permission_set_provisioning_status.account_id #=> String
786
+ # resp.permission_set_provisioning_status.permission_set_arn #=> String
787
+ # resp.permission_set_provisioning_status.failure_reason #=> String
788
+ # resp.permission_set_provisioning_status.created_date #=> Time
789
+ #
790
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSetProvisioningStatus AWS API Documentation
791
+ #
792
+ # @overload describe_permission_set_provisioning_status(params = {})
793
+ # @param [Hash] params ({})
794
+ def describe_permission_set_provisioning_status(params = {}, options = {})
795
+ req = build_request(:describe_permission_set_provisioning_status, params)
796
+ req.send_request(options)
797
+ end
798
+
799
+ # Detaches the attached IAM managed policy ARN from the specified
800
+ # permission set.
801
+ #
802
+ # @option params [required, String] :instance_arn
803
+ # The ARN of the SSO instance under which the operation will be
804
+ # executed. For more information about ARNs, see [Amazon Resource Names
805
+ # (ARNs) and AWS Service
806
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
807
+ # *AWS General Reference*.
808
+ #
809
+ # @option params [required, String] :permission_set_arn
810
+ # The ARN of the PermissionSet from which the policy should be detached.
811
+ #
812
+ # @option params [required, String] :managed_policy_arn
813
+ # The IAM managed policy ARN to be attached to a permission set.
814
+ #
815
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
816
+ #
817
+ # @example Request syntax with placeholder values
818
+ #
819
+ # resp = client.detach_managed_policy_from_permission_set({
820
+ # instance_arn: "InstanceArn", # required
821
+ # permission_set_arn: "PermissionSetArn", # required
822
+ # managed_policy_arn: "ManagedPolicyArn", # required
823
+ # })
824
+ #
825
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachManagedPolicyFromPermissionSet AWS API Documentation
826
+ #
827
+ # @overload detach_managed_policy_from_permission_set(params = {})
828
+ # @param [Hash] params ({})
829
+ def detach_managed_policy_from_permission_set(params = {}, options = {})
830
+ req = build_request(:detach_managed_policy_from_permission_set, params)
831
+ req.send_request(options)
832
+ end
833
+
834
+ # Obtains the inline policy assigned to the permission set.
835
+ #
836
+ # @option params [required, String] :instance_arn
837
+ # The ARN of the SSO instance under which the operation will be
838
+ # executed. For more information about ARNs, see [Amazon Resource Names
839
+ # (ARNs) and AWS Service
840
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
841
+ # *AWS General Reference*.
842
+ #
843
+ # @option params [required, String] :permission_set_arn
844
+ # The ARN of the permission set.
845
+ #
846
+ # @return [Types::GetInlinePolicyForPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
847
+ #
848
+ # * {Types::GetInlinePolicyForPermissionSetResponse#inline_policy #inline_policy} => String
849
+ #
850
+ # @example Request syntax with placeholder values
851
+ #
852
+ # resp = client.get_inline_policy_for_permission_set({
853
+ # instance_arn: "InstanceArn", # required
854
+ # permission_set_arn: "PermissionSetArn", # required
855
+ # })
856
+ #
857
+ # @example Response structure
858
+ #
859
+ # resp.inline_policy #=> String
860
+ #
861
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/GetInlinePolicyForPermissionSet AWS API Documentation
862
+ #
863
+ # @overload get_inline_policy_for_permission_set(params = {})
864
+ # @param [Hash] params ({})
865
+ def get_inline_policy_for_permission_set(params = {}, options = {})
866
+ req = build_request(:get_inline_policy_for_permission_set, params)
867
+ req.send_request(options)
868
+ end
869
+
870
+ # Lists the status of the AWS account assignment creation requests for a
871
+ # specified SSO instance.
872
+ #
873
+ # @option params [required, String] :instance_arn
874
+ # The ARN of the SSO instance under which the operation will be
875
+ # executed. For more information about ARNs, see [Amazon Resource Names
876
+ # (ARNs) and AWS Service
877
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
878
+ # *AWS General Reference*.
879
+ #
880
+ # @option params [Integer] :max_results
881
+ # The maximum number of results to display for the assignment.
882
+ #
883
+ # @option params [String] :next_token
884
+ # The pagination token for the list API. Initially the value is null.
885
+ # Use the output of previous API calls to make subsequent calls.
886
+ #
887
+ # @option params [Types::OperationStatusFilter] :filter
888
+ # Filters results based on the passed attribute value.
889
+ #
890
+ # @return [Types::ListAccountAssignmentCreationStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
891
+ #
892
+ # * {Types::ListAccountAssignmentCreationStatusResponse#account_assignments_creation_status #account_assignments_creation_status} => Array&lt;Types::AccountAssignmentOperationStatusMetadata&gt;
893
+ # * {Types::ListAccountAssignmentCreationStatusResponse#next_token #next_token} => String
894
+ #
895
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
896
+ #
897
+ # @example Request syntax with placeholder values
898
+ #
899
+ # resp = client.list_account_assignment_creation_status({
900
+ # instance_arn: "InstanceArn", # required
901
+ # max_results: 1,
902
+ # next_token: "Token",
903
+ # filter: {
904
+ # status: "IN_PROGRESS", # accepts IN_PROGRESS, FAILED, SUCCEEDED
905
+ # },
906
+ # })
907
+ #
908
+ # @example Response structure
909
+ #
910
+ # resp.account_assignments_creation_status #=> Array
911
+ # resp.account_assignments_creation_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
912
+ # resp.account_assignments_creation_status[0].request_id #=> String
913
+ # resp.account_assignments_creation_status[0].created_date #=> Time
914
+ # resp.next_token #=> String
915
+ #
916
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentCreationStatus AWS API Documentation
917
+ #
918
+ # @overload list_account_assignment_creation_status(params = {})
919
+ # @param [Hash] params ({})
920
+ def list_account_assignment_creation_status(params = {}, options = {})
921
+ req = build_request(:list_account_assignment_creation_status, params)
922
+ req.send_request(options)
923
+ end
924
+
925
+ # Lists the status of the AWS account assignment deletion requests for a
926
+ # specified SSO instance.
927
+ #
928
+ # @option params [required, String] :instance_arn
929
+ # The ARN of the SSO instance under which the operation will be
930
+ # executed. For more information about ARNs, see [Amazon Resource Names
931
+ # (ARNs) and AWS Service
932
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
933
+ # *AWS General Reference*.
934
+ #
935
+ # @option params [Integer] :max_results
936
+ # The maximum number of results to display for the assignment.
937
+ #
938
+ # @option params [String] :next_token
939
+ # The pagination token for the list API. Initially the value is null.
940
+ # Use the output of previous API calls to make subsequent calls.
941
+ #
942
+ # @option params [Types::OperationStatusFilter] :filter
943
+ # Filters results based on the passed attribute value.
944
+ #
945
+ # @return [Types::ListAccountAssignmentDeletionStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
946
+ #
947
+ # * {Types::ListAccountAssignmentDeletionStatusResponse#account_assignments_deletion_status #account_assignments_deletion_status} => Array&lt;Types::AccountAssignmentOperationStatusMetadata&gt;
948
+ # * {Types::ListAccountAssignmentDeletionStatusResponse#next_token #next_token} => String
949
+ #
950
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
951
+ #
952
+ # @example Request syntax with placeholder values
953
+ #
954
+ # resp = client.list_account_assignment_deletion_status({
955
+ # instance_arn: "InstanceArn", # required
956
+ # max_results: 1,
957
+ # next_token: "Token",
958
+ # filter: {
959
+ # status: "IN_PROGRESS", # accepts IN_PROGRESS, FAILED, SUCCEEDED
960
+ # },
961
+ # })
962
+ #
963
+ # @example Response structure
964
+ #
965
+ # resp.account_assignments_deletion_status #=> Array
966
+ # resp.account_assignments_deletion_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
967
+ # resp.account_assignments_deletion_status[0].request_id #=> String
968
+ # resp.account_assignments_deletion_status[0].created_date #=> Time
969
+ # resp.next_token #=> String
970
+ #
971
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentDeletionStatus AWS API Documentation
972
+ #
973
+ # @overload list_account_assignment_deletion_status(params = {})
974
+ # @param [Hash] params ({})
975
+ def list_account_assignment_deletion_status(params = {}, options = {})
976
+ req = build_request(:list_account_assignment_deletion_status, params)
977
+ req.send_request(options)
978
+ end
979
+
980
+ # Lists the assignee of the specified AWS account with the specified
981
+ # permission set.
982
+ #
983
+ # @option params [required, String] :instance_arn
984
+ # The ARN of the SSO instance under which the operation will be
985
+ # executed. For more information about ARNs, see [Amazon Resource Names
986
+ # (ARNs) and AWS Service
987
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
988
+ # *AWS General Reference*.
989
+ #
990
+ # @option params [required, String] :account_id
991
+ # The identifier of the AWS account from which to list the assignments.
992
+ #
993
+ # @option params [required, String] :permission_set_arn
994
+ # The ARN of the permission set from which to list assignments.
995
+ #
996
+ # @option params [Integer] :max_results
997
+ # The maximum number of results to display for the assignment.
998
+ #
999
+ # @option params [String] :next_token
1000
+ # The pagination token for the list API. Initially the value is null.
1001
+ # Use the output of previous API calls to make subsequent calls.
1002
+ #
1003
+ # @return [Types::ListAccountAssignmentsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1004
+ #
1005
+ # * {Types::ListAccountAssignmentsResponse#account_assignments #account_assignments} => Array&lt;Types::AccountAssignment&gt;
1006
+ # * {Types::ListAccountAssignmentsResponse#next_token #next_token} => String
1007
+ #
1008
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1009
+ #
1010
+ # @example Request syntax with placeholder values
1011
+ #
1012
+ # resp = client.list_account_assignments({
1013
+ # instance_arn: "InstanceArn", # required
1014
+ # account_id: "TargetId", # required
1015
+ # permission_set_arn: "PermissionSetArn", # required
1016
+ # max_results: 1,
1017
+ # next_token: "Token",
1018
+ # })
1019
+ #
1020
+ # @example Response structure
1021
+ #
1022
+ # resp.account_assignments #=> Array
1023
+ # resp.account_assignments[0].account_id #=> String
1024
+ # resp.account_assignments[0].permission_set_arn #=> String
1025
+ # resp.account_assignments[0].principal_type #=> String, one of "USER", "GROUP"
1026
+ # resp.account_assignments[0].principal_id #=> String
1027
+ # resp.next_token #=> String
1028
+ #
1029
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignments AWS API Documentation
1030
+ #
1031
+ # @overload list_account_assignments(params = {})
1032
+ # @param [Hash] params ({})
1033
+ def list_account_assignments(params = {}, options = {})
1034
+ req = build_request(:list_account_assignments, params)
1035
+ req.send_request(options)
1036
+ end
1037
+
1038
+ # Lists all the AWS accounts where the specified permission set is
1039
+ # provisioned.
1040
+ #
1041
+ # @option params [required, String] :instance_arn
1042
+ # The ARN of the SSO instance under which the operation will be
1043
+ # executed. For more information about ARNs, see [Amazon Resource Names
1044
+ # (ARNs) and AWS Service
1045
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1046
+ # *AWS General Reference*.
1047
+ #
1048
+ # @option params [required, String] :permission_set_arn
1049
+ # The ARN of the PermissionSet from which the associated AWS accounts
1050
+ # will be listed.
1051
+ #
1052
+ # @option params [String] :provisioning_status
1053
+ # The permission set provisioning status for an AWS account.
1054
+ #
1055
+ # @option params [Integer] :max_results
1056
+ # The maximum number of results to display for the PermissionSet.
1057
+ #
1058
+ # @option params [String] :next_token
1059
+ # The pagination token for the list API. Initially the value is null.
1060
+ # Use the output of previous API calls to make subsequent calls.
1061
+ #
1062
+ # @return [Types::ListAccountsForProvisionedPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1063
+ #
1064
+ # * {Types::ListAccountsForProvisionedPermissionSetResponse#account_ids #account_ids} => Array&lt;String&gt;
1065
+ # * {Types::ListAccountsForProvisionedPermissionSetResponse#next_token #next_token} => String
1066
+ #
1067
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1068
+ #
1069
+ # @example Request syntax with placeholder values
1070
+ #
1071
+ # resp = client.list_accounts_for_provisioned_permission_set({
1072
+ # instance_arn: "InstanceArn", # required
1073
+ # permission_set_arn: "PermissionSetArn", # required
1074
+ # provisioning_status: "LATEST_PERMISSION_SET_PROVISIONED", # accepts LATEST_PERMISSION_SET_PROVISIONED, LATEST_PERMISSION_SET_NOT_PROVISIONED
1075
+ # max_results: 1,
1076
+ # next_token: "Token",
1077
+ # })
1078
+ #
1079
+ # @example Response structure
1080
+ #
1081
+ # resp.account_ids #=> Array
1082
+ # resp.account_ids[0] #=> String
1083
+ # resp.next_token #=> String
1084
+ #
1085
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountsForProvisionedPermissionSet AWS API Documentation
1086
+ #
1087
+ # @overload list_accounts_for_provisioned_permission_set(params = {})
1088
+ # @param [Hash] params ({})
1089
+ def list_accounts_for_provisioned_permission_set(params = {}, options = {})
1090
+ req = build_request(:list_accounts_for_provisioned_permission_set, params)
1091
+ req.send_request(options)
1092
+ end
1093
+
1094
+ # Lists the SSO instances that the caller has access to.
1095
+ #
1096
+ # @option params [Integer] :max_results
1097
+ # The maximum number of results to display for the instance.
1098
+ #
1099
+ # @option params [String] :next_token
1100
+ # The pagination token for the list API. Initially the value is null.
1101
+ # Use the output of previous API calls to make subsequent calls.
1102
+ #
1103
+ # @return [Types::ListInstancesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1104
+ #
1105
+ # * {Types::ListInstancesResponse#instances #instances} => Array&lt;Types::InstanceMetadata&gt;
1106
+ # * {Types::ListInstancesResponse#next_token #next_token} => String
1107
+ #
1108
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1109
+ #
1110
+ # @example Request syntax with placeholder values
1111
+ #
1112
+ # resp = client.list_instances({
1113
+ # max_results: 1,
1114
+ # next_token: "Token",
1115
+ # })
1116
+ #
1117
+ # @example Response structure
1118
+ #
1119
+ # resp.instances #=> Array
1120
+ # resp.instances[0].instance_arn #=> String
1121
+ # resp.instances[0].identity_store_id #=> String
1122
+ # resp.next_token #=> String
1123
+ #
1124
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListInstances AWS API Documentation
1125
+ #
1126
+ # @overload list_instances(params = {})
1127
+ # @param [Hash] params ({})
1128
+ def list_instances(params = {}, options = {})
1129
+ req = build_request(:list_instances, params)
1130
+ req.send_request(options)
1131
+ end
1132
+
1133
+ # Lists the IAM managed policy that is attached to a specified
1134
+ # permission set.
1135
+ #
1136
+ # @option params [required, String] :instance_arn
1137
+ # The ARN of the SSO instance under which the operation will be
1138
+ # executed. For more information about ARNs, see [Amazon Resource Names
1139
+ # (ARNs) and AWS Service
1140
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1141
+ # *AWS General Reference*.
1142
+ #
1143
+ # @option params [required, String] :permission_set_arn
1144
+ # The ARN of the PermissionSet whose managed policies will be listed.
1145
+ #
1146
+ # @option params [Integer] :max_results
1147
+ # The maximum number of results to display for the PermissionSet.
1148
+ #
1149
+ # @option params [String] :next_token
1150
+ # The pagination token for the list API. Initially the value is null.
1151
+ # Use the output of previous API calls to make subsequent calls.
1152
+ #
1153
+ # @return [Types::ListManagedPoliciesInPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1154
+ #
1155
+ # * {Types::ListManagedPoliciesInPermissionSetResponse#attached_managed_policies #attached_managed_policies} => Array&lt;Types::AttachedManagedPolicy&gt;
1156
+ # * {Types::ListManagedPoliciesInPermissionSetResponse#next_token #next_token} => String
1157
+ #
1158
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1159
+ #
1160
+ # @example Request syntax with placeholder values
1161
+ #
1162
+ # resp = client.list_managed_policies_in_permission_set({
1163
+ # instance_arn: "InstanceArn", # required
1164
+ # permission_set_arn: "PermissionSetArn", # required
1165
+ # max_results: 1,
1166
+ # next_token: "Token",
1167
+ # })
1168
+ #
1169
+ # @example Response structure
1170
+ #
1171
+ # resp.attached_managed_policies #=> Array
1172
+ # resp.attached_managed_policies[0].name #=> String
1173
+ # resp.attached_managed_policies[0].arn #=> String
1174
+ # resp.next_token #=> String
1175
+ #
1176
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListManagedPoliciesInPermissionSet AWS API Documentation
1177
+ #
1178
+ # @overload list_managed_policies_in_permission_set(params = {})
1179
+ # @param [Hash] params ({})
1180
+ def list_managed_policies_in_permission_set(params = {}, options = {})
1181
+ req = build_request(:list_managed_policies_in_permission_set, params)
1182
+ req.send_request(options)
1183
+ end
1184
+
1185
+ # Lists the status of the permission set provisioning requests for a
1186
+ # specified SSO instance.
1187
+ #
1188
+ # @option params [required, String] :instance_arn
1189
+ # The ARN of the SSO instance under which the operation will be
1190
+ # executed. For more information about ARNs, see [Amazon Resource Names
1191
+ # (ARNs) and AWS Service
1192
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1193
+ # *AWS General Reference*.
1194
+ #
1195
+ # @option params [Integer] :max_results
1196
+ # The maximum number of results to display for the assignment.
1197
+ #
1198
+ # @option params [String] :next_token
1199
+ # The pagination token for the list API. Initially the value is null.
1200
+ # Use the output of previous API calls to make subsequent calls.
1201
+ #
1202
+ # @option params [Types::OperationStatusFilter] :filter
1203
+ # Filters results based on the passed attribute value.
1204
+ #
1205
+ # @return [Types::ListPermissionSetProvisioningStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1206
+ #
1207
+ # * {Types::ListPermissionSetProvisioningStatusResponse#permission_sets_provisioning_status #permission_sets_provisioning_status} => Array&lt;Types::PermissionSetProvisioningStatusMetadata&gt;
1208
+ # * {Types::ListPermissionSetProvisioningStatusResponse#next_token #next_token} => String
1209
+ #
1210
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1211
+ #
1212
+ # @example Request syntax with placeholder values
1213
+ #
1214
+ # resp = client.list_permission_set_provisioning_status({
1215
+ # instance_arn: "InstanceArn", # required
1216
+ # max_results: 1,
1217
+ # next_token: "Token",
1218
+ # filter: {
1219
+ # status: "IN_PROGRESS", # accepts IN_PROGRESS, FAILED, SUCCEEDED
1220
+ # },
1221
+ # })
1222
+ #
1223
+ # @example Response structure
1224
+ #
1225
+ # resp.permission_sets_provisioning_status #=> Array
1226
+ # resp.permission_sets_provisioning_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1227
+ # resp.permission_sets_provisioning_status[0].request_id #=> String
1228
+ # resp.permission_sets_provisioning_status[0].created_date #=> Time
1229
+ # resp.next_token #=> String
1230
+ #
1231
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetProvisioningStatus AWS API Documentation
1232
+ #
1233
+ # @overload list_permission_set_provisioning_status(params = {})
1234
+ # @param [Hash] params ({})
1235
+ def list_permission_set_provisioning_status(params = {}, options = {})
1236
+ req = build_request(:list_permission_set_provisioning_status, params)
1237
+ req.send_request(options)
1238
+ end
1239
+
1240
+ # Lists the PermissionSets in an SSO instance.
1241
+ #
1242
+ # @option params [required, String] :instance_arn
1243
+ # The ARN of the SSO instance under which the operation will be
1244
+ # executed. For more information about ARNs, see [Amazon Resource Names
1245
+ # (ARNs) and AWS Service
1246
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1247
+ # *AWS General Reference*.
1248
+ #
1249
+ # @option params [String] :next_token
1250
+ # The pagination token for the list API. Initially the value is null.
1251
+ # Use the output of previous API calls to make subsequent calls.
1252
+ #
1253
+ # @option params [Integer] :max_results
1254
+ # The maximum number of results to display for the assignment.
1255
+ #
1256
+ # @return [Types::ListPermissionSetsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1257
+ #
1258
+ # * {Types::ListPermissionSetsResponse#permission_sets #permission_sets} => Array&lt;String&gt;
1259
+ # * {Types::ListPermissionSetsResponse#next_token #next_token} => String
1260
+ #
1261
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1262
+ #
1263
+ # @example Request syntax with placeholder values
1264
+ #
1265
+ # resp = client.list_permission_sets({
1266
+ # instance_arn: "InstanceArn", # required
1267
+ # next_token: "Token",
1268
+ # max_results: 1,
1269
+ # })
1270
+ #
1271
+ # @example Response structure
1272
+ #
1273
+ # resp.permission_sets #=> Array
1274
+ # resp.permission_sets[0] #=> String
1275
+ # resp.next_token #=> String
1276
+ #
1277
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSets AWS API Documentation
1278
+ #
1279
+ # @overload list_permission_sets(params = {})
1280
+ # @param [Hash] params ({})
1281
+ def list_permission_sets(params = {}, options = {})
1282
+ req = build_request(:list_permission_sets, params)
1283
+ req.send_request(options)
1284
+ end
1285
+
1286
+ # Lists all the permission sets that are provisioned to a specified AWS
1287
+ # account.
1288
+ #
1289
+ # @option params [required, String] :instance_arn
1290
+ # The ARN of the SSO instance under which the operation will be
1291
+ # executed. For more information about ARNs, see [Amazon Resource Names
1292
+ # (ARNs) and AWS Service
1293
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1294
+ # *AWS General Reference*.
1295
+ #
1296
+ # @option params [required, String] :account_id
1297
+ # The identifier of the AWS account from which to list the assignments.
1298
+ #
1299
+ # @option params [String] :provisioning_status
1300
+ # The status object for the permission set provisioning operation.
1301
+ #
1302
+ # @option params [Integer] :max_results
1303
+ # The maximum number of results to display for the assignment.
1304
+ #
1305
+ # @option params [String] :next_token
1306
+ # The pagination token for the list API. Initially the value is null.
1307
+ # Use the output of previous API calls to make subsequent calls.
1308
+ #
1309
+ # @return [Types::ListPermissionSetsProvisionedToAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1310
+ #
1311
+ # * {Types::ListPermissionSetsProvisionedToAccountResponse#next_token #next_token} => String
1312
+ # * {Types::ListPermissionSetsProvisionedToAccountResponse#permission_sets #permission_sets} => Array&lt;String&gt;
1313
+ #
1314
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1315
+ #
1316
+ # @example Request syntax with placeholder values
1317
+ #
1318
+ # resp = client.list_permission_sets_provisioned_to_account({
1319
+ # instance_arn: "InstanceArn", # required
1320
+ # account_id: "AccountId", # required
1321
+ # provisioning_status: "LATEST_PERMISSION_SET_PROVISIONED", # accepts LATEST_PERMISSION_SET_PROVISIONED, LATEST_PERMISSION_SET_NOT_PROVISIONED
1322
+ # max_results: 1,
1323
+ # next_token: "Token",
1324
+ # })
1325
+ #
1326
+ # @example Response structure
1327
+ #
1328
+ # resp.next_token #=> String
1329
+ # resp.permission_sets #=> Array
1330
+ # resp.permission_sets[0] #=> String
1331
+ #
1332
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsProvisionedToAccount AWS API Documentation
1333
+ #
1334
+ # @overload list_permission_sets_provisioned_to_account(params = {})
1335
+ # @param [Hash] params ({})
1336
+ def list_permission_sets_provisioned_to_account(params = {}, options = {})
1337
+ req = build_request(:list_permission_sets_provisioned_to_account, params)
1338
+ req.send_request(options)
1339
+ end
1340
+
1341
+ # Lists the tags that are attached to a specified resource.
1342
+ #
1343
+ # @option params [required, String] :instance_arn
1344
+ # The ARN of the SSO instance under which the operation will be
1345
+ # executed. For more information about ARNs, see [Amazon Resource Names
1346
+ # (ARNs) and AWS Service
1347
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1348
+ # *AWS General Reference*.
1349
+ #
1350
+ # @option params [required, String] :resource_arn
1351
+ # The ARN of the resource with the tags to be listed.
1352
+ #
1353
+ # @option params [String] :next_token
1354
+ # The pagination token for the list API. Initially the value is null.
1355
+ # Use the output of previous API calls to make subsequent calls.
1356
+ #
1357
+ # @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1358
+ #
1359
+ # * {Types::ListTagsForResourceResponse#tags #tags} => Array&lt;Types::Tag&gt;
1360
+ # * {Types::ListTagsForResourceResponse#next_token #next_token} => String
1361
+ #
1362
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1363
+ #
1364
+ # @example Request syntax with placeholder values
1365
+ #
1366
+ # resp = client.list_tags_for_resource({
1367
+ # instance_arn: "InstanceArn", # required
1368
+ # resource_arn: "GeneralArn", # required
1369
+ # next_token: "Token",
1370
+ # })
1371
+ #
1372
+ # @example Response structure
1373
+ #
1374
+ # resp.tags #=> Array
1375
+ # resp.tags[0].key #=> String
1376
+ # resp.tags[0].value #=> String
1377
+ # resp.next_token #=> String
1378
+ #
1379
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListTagsForResource AWS API Documentation
1380
+ #
1381
+ # @overload list_tags_for_resource(params = {})
1382
+ # @param [Hash] params ({})
1383
+ def list_tags_for_resource(params = {}, options = {})
1384
+ req = build_request(:list_tags_for_resource, params)
1385
+ req.send_request(options)
1386
+ end
1387
+
1388
+ # The process by which a specified permission set is provisioned to the
1389
+ # specified target.
1390
+ #
1391
+ # @option params [required, String] :instance_arn
1392
+ # The ARN of the SSO instance under which the operation will be
1393
+ # executed. For more information about ARNs, see [Amazon Resource Names
1394
+ # (ARNs) and AWS Service
1395
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1396
+ # *AWS General Reference*.
1397
+ #
1398
+ # @option params [required, String] :permission_set_arn
1399
+ # The ARN of the permission set.
1400
+ #
1401
+ # @option params [String] :target_id
1402
+ # The identifier for the chosen target.
1403
+ #
1404
+ # @option params [required, String] :target_type
1405
+ # The entity type for which the assignment will be created.
1406
+ #
1407
+ # @return [Types::ProvisionPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1408
+ #
1409
+ # * {Types::ProvisionPermissionSetResponse#permission_set_provisioning_status #permission_set_provisioning_status} => Types::PermissionSetProvisioningStatus
1410
+ #
1411
+ # @example Request syntax with placeholder values
1412
+ #
1413
+ # resp = client.provision_permission_set({
1414
+ # instance_arn: "InstanceArn", # required
1415
+ # permission_set_arn: "PermissionSetArn", # required
1416
+ # target_id: "TargetId",
1417
+ # target_type: "AWS_ACCOUNT", # required, accepts AWS_ACCOUNT, ALL_PROVISIONED_ACCOUNTS
1418
+ # })
1419
+ #
1420
+ # @example Response structure
1421
+ #
1422
+ # resp.permission_set_provisioning_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1423
+ # resp.permission_set_provisioning_status.request_id #=> String
1424
+ # resp.permission_set_provisioning_status.account_id #=> String
1425
+ # resp.permission_set_provisioning_status.permission_set_arn #=> String
1426
+ # resp.permission_set_provisioning_status.failure_reason #=> String
1427
+ # resp.permission_set_provisioning_status.created_date #=> Time
1428
+ #
1429
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ProvisionPermissionSet AWS API Documentation
1430
+ #
1431
+ # @overload provision_permission_set(params = {})
1432
+ # @param [Hash] params ({})
1433
+ def provision_permission_set(params = {}, options = {})
1434
+ req = build_request(:provision_permission_set, params)
1435
+ req.send_request(options)
1436
+ end
1437
+
1438
+ # Attaches an IAM inline policy to a permission set.
1439
+ #
1440
+ # @option params [required, String] :instance_arn
1441
+ # The ARN of the SSO instance under which the operation will be
1442
+ # executed. For more information about ARNs, see [Amazon Resource Names
1443
+ # (ARNs) and AWS Service
1444
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1445
+ # *AWS General Reference*.
1446
+ #
1447
+ # @option params [required, String] :permission_set_arn
1448
+ # The ARN of the permission set.
1449
+ #
1450
+ # @option params [required, String] :inline_policy
1451
+ # The IAM inline policy to attach to a PermissionSet.
1452
+ #
1453
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1454
+ #
1455
+ # @example Request syntax with placeholder values
1456
+ #
1457
+ # resp = client.put_inline_policy_to_permission_set({
1458
+ # instance_arn: "InstanceArn", # required
1459
+ # permission_set_arn: "PermissionSetArn", # required
1460
+ # inline_policy: "PermissionSetPolicyDocument", # required
1461
+ # })
1462
+ #
1463
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutInlinePolicyToPermissionSet AWS API Documentation
1464
+ #
1465
+ # @overload put_inline_policy_to_permission_set(params = {})
1466
+ # @param [Hash] params ({})
1467
+ def put_inline_policy_to_permission_set(params = {}, options = {})
1468
+ req = build_request(:put_inline_policy_to_permission_set, params)
1469
+ req.send_request(options)
1470
+ end
1471
+
1472
+ # Associates a set of tags with a specified resource.
1473
+ #
1474
+ # @option params [required, String] :instance_arn
1475
+ # The ARN of the SSO instance under which the operation will be
1476
+ # executed. For more information about ARNs, see [Amazon Resource Names
1477
+ # (ARNs) and AWS Service
1478
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1479
+ # *AWS General Reference*.
1480
+ #
1481
+ # @option params [required, String] :resource_arn
1482
+ # The ARN of the resource with the tags to be listed.
1483
+ #
1484
+ # @option params [required, Array<Types::Tag>] :tags
1485
+ # A set of key-value pairs that are used to manage the resource.
1486
+ #
1487
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1488
+ #
1489
+ # @example Request syntax with placeholder values
1490
+ #
1491
+ # resp = client.tag_resource({
1492
+ # instance_arn: "InstanceArn", # required
1493
+ # resource_arn: "GeneralArn", # required
1494
+ # tags: [ # required
1495
+ # {
1496
+ # key: "TagKey",
1497
+ # value: "TagValue",
1498
+ # },
1499
+ # ],
1500
+ # })
1501
+ #
1502
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/TagResource AWS API Documentation
1503
+ #
1504
+ # @overload tag_resource(params = {})
1505
+ # @param [Hash] params ({})
1506
+ def tag_resource(params = {}, options = {})
1507
+ req = build_request(:tag_resource, params)
1508
+ req.send_request(options)
1509
+ end
1510
+
1511
+ # Disassociates a set of tags from a specified resource.
1512
+ #
1513
+ # @option params [required, String] :instance_arn
1514
+ # The ARN of the SSO instance under which the operation will be
1515
+ # executed. For more information about ARNs, see [Amazon Resource Names
1516
+ # (ARNs) and AWS Service
1517
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1518
+ # *AWS General Reference*.
1519
+ #
1520
+ # @option params [required, String] :resource_arn
1521
+ # The ARN of the resource with the tags to be listed.
1522
+ #
1523
+ # @option params [required, Array<String>] :tag_keys
1524
+ # The keys of tags that are attached to the resource.
1525
+ #
1526
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1527
+ #
1528
+ # @example Request syntax with placeholder values
1529
+ #
1530
+ # resp = client.untag_resource({
1531
+ # instance_arn: "InstanceArn", # required
1532
+ # resource_arn: "GeneralArn", # required
1533
+ # tag_keys: ["TagKey"], # required
1534
+ # })
1535
+ #
1536
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UntagResource AWS API Documentation
1537
+ #
1538
+ # @overload untag_resource(params = {})
1539
+ # @param [Hash] params ({})
1540
+ def untag_resource(params = {}, options = {})
1541
+ req = build_request(:untag_resource, params)
1542
+ req.send_request(options)
1543
+ end
1544
+
1545
+ # Updates an existing permission set.
1546
+ #
1547
+ # @option params [required, String] :instance_arn
1548
+ # The ARN of the SSO instance under which the operation will be
1549
+ # executed. For more information about ARNs, see [Amazon Resource Names
1550
+ # (ARNs) and AWS Service
1551
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1552
+ # *AWS General Reference*.
1553
+ #
1554
+ # @option params [required, String] :permission_set_arn
1555
+ # The ARN of the permission set.
1556
+ #
1557
+ # @option params [String] :description
1558
+ # The description of the PermissionSet.
1559
+ #
1560
+ # @option params [String] :session_duration
1561
+ # The length of time that the application user sessions are valid for in
1562
+ # the ISO-8601 standard.
1563
+ #
1564
+ # @option params [String] :relay_state
1565
+ # Used to redirect users within the application during the federation
1566
+ # authentication process.
1567
+ #
1568
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1569
+ #
1570
+ # @example Request syntax with placeholder values
1571
+ #
1572
+ # resp = client.update_permission_set({
1573
+ # instance_arn: "InstanceArn", # required
1574
+ # permission_set_arn: "PermissionSetArn", # required
1575
+ # description: "PermissionSetDescription",
1576
+ # session_duration: "Duration",
1577
+ # relay_state: "RelayState",
1578
+ # })
1579
+ #
1580
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdatePermissionSet AWS API Documentation
1581
+ #
1582
+ # @overload update_permission_set(params = {})
1583
+ # @param [Hash] params ({})
1584
+ def update_permission_set(params = {}, options = {})
1585
+ req = build_request(:update_permission_set, params)
1586
+ req.send_request(options)
1587
+ end
1588
+
1589
+ # @!endgroup
1590
+
1591
+ # @param params ({})
1592
+ # @api private
1593
+ def build_request(operation_name, params = {})
1594
+ handlers = @handlers.for(operation_name)
1595
+ context = Seahorse::Client::RequestContext.new(
1596
+ operation_name: operation_name,
1597
+ operation: config.api.operation(operation_name),
1598
+ client: self,
1599
+ params: params,
1600
+ config: config)
1601
+ context[:gem_name] = 'aws-sdk-ssoadmin'
1602
+ context[:gem_version] = '1.0.0'
1603
+ Seahorse::Client::Request.new(handlers, context)
1604
+ end
1605
+
1606
+ # @api private
1607
+ # @deprecated
1608
+ def waiter_names
1609
+ []
1610
+ end
1611
+
1612
+ class << self
1613
+
1614
+ # @api private
1615
+ attr_reader :identifier
1616
+
1617
+ # @api private
1618
+ def errors_module
1619
+ Errors
1620
+ end
1621
+
1622
+ end
1623
+ end
1624
+ end