aws-sdk-ssoadmin 1.19.0 → 1.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -30,7 +30,7 @@ require 'aws-sdk-core/plugins/http_checksum.rb'
30
30
  require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
31
  require 'aws-sdk-core/plugins/defaults_mode.rb'
32
32
  require 'aws-sdk-core/plugins/recursion_detection.rb'
33
- require 'aws-sdk-core/plugins/signature_v4.rb'
33
+ require 'aws-sdk-core/plugins/sign.rb'
34
34
  require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
35
35
 
36
36
  Aws::Plugins::GlobalConfiguration.add_identifier(:ssoadmin)
@@ -79,8 +79,9 @@ module Aws::SSOAdmin
79
79
  add_plugin(Aws::Plugins::ChecksumAlgorithm)
80
80
  add_plugin(Aws::Plugins::DefaultsMode)
81
81
  add_plugin(Aws::Plugins::RecursionDetection)
82
- add_plugin(Aws::Plugins::SignatureV4)
82
+ add_plugin(Aws::Plugins::Sign)
83
83
  add_plugin(Aws::Plugins::Protocols::JsonRpc)
84
+ add_plugin(Aws::SSOAdmin::Plugins::Endpoints)
84
85
 
85
86
  # @overload initialize(options)
86
87
  # @param [Hash] options
@@ -297,6 +298,19 @@ module Aws::SSOAdmin
297
298
  # ** Please note ** When response stubbing is enabled, no HTTP
298
299
  # requests are made, and retries are disabled.
299
300
  #
301
+ # @option options [Aws::TokenProvider] :token_provider
302
+ # A Bearer Token Provider. This can be an instance of any one of the
303
+ # following classes:
304
+ #
305
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
306
+ # tokens.
307
+ #
308
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
309
+ # access token generated from `aws login`.
310
+ #
311
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
312
+ # will be used to search for tokens configured for your profile in shared configuration files.
313
+ #
300
314
  # @option options [Boolean] :use_dualstack_endpoint
301
315
  # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
302
316
  # will be used if available.
@@ -310,6 +324,9 @@ module Aws::SSOAdmin
310
324
  # When `true`, request parameters are validated before
311
325
  # sending the request.
312
326
  #
327
+ # @option options [Aws::SSOAdmin::EndpointProvider] :endpoint_provider
328
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SSOAdmin::EndpointParameters`
329
+ #
313
330
  # @option options [URI::HTTP,String] :http_proxy A proxy to send
314
331
  # requests through. Formatted like 'http://proxy.com:123'.
315
332
  #
@@ -365,16 +382,16 @@ module Aws::SSOAdmin
365
382
  # PermissionSet.
366
383
  #
367
384
  # @option params [required, String] :instance_arn
368
- # The ARN of the Amazon Web Services SSO instance under which the
369
- # operation will be executed.
385
+ # The ARN of the IAM Identity Center instance under which the operation
386
+ # will be executed.
370
387
  #
371
388
  # @option params [required, String] :permission_set_arn
372
389
  # The ARN of the `PermissionSet`.
373
390
  #
374
391
  # @option params [required, Types::CustomerManagedPolicyReference] :customer_managed_policy_reference
375
392
  # Specifies the name and path of a customer managed policy. You must
376
- # have an IAM policy that matches the name and path in each Amazon Web
377
- # Services account where you want to deploy your permission set.
393
+ # have an IAM policy that matches the name and path in each AWS account
394
+ # where you want to deploy your permission set.
378
395
  #
379
396
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
380
397
  #
@@ -398,8 +415,7 @@ module Aws::SSOAdmin
398
415
  req.send_request(options)
399
416
  end
400
417
 
401
- # Attaches an Amazon Web Services managed policy ARN to a permission
402
- # set.
418
+ # Attaches an AWS managed policy ARN to a permission set.
403
419
  #
404
420
  # <note markdown="1"> If the permission set is already referenced by one or more account
405
421
  # assignments, you will need to call ` ProvisionPermissionSet ` after
@@ -409,19 +425,18 @@ module Aws::SSOAdmin
409
425
  # </note>
410
426
  #
411
427
  # @option params [required, String] :instance_arn
412
- # The ARN of the Amazon Web Services SSO instance under which the
413
- # operation will be executed. For more information about ARNs, see
414
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
428
+ # The ARN of the IAM Identity Center instance under which the operation
429
+ # will be executed. For more information about ARNs, see [Amazon
430
+ # Resource Names (ARNs) and AWS Service
415
431
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
416
- # *Amazon Web Services General Reference*.
432
+ # *AWS General Reference*.
417
433
  #
418
434
  # @option params [required, String] :permission_set_arn
419
435
  # The ARN of the PermissionSet that the managed policy should be
420
436
  # attached to.
421
437
  #
422
438
  # @option params [required, String] :managed_policy_arn
423
- # The Amazon Web Services managed policy ARN to be attached to a
424
- # permission set.
439
+ # The AWS managed policy ARN to be attached to a permission set.
425
440
  #
426
441
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
427
442
  #
@@ -442,21 +457,21 @@ module Aws::SSOAdmin
442
457
  req.send_request(options)
443
458
  end
444
459
 
445
- # Assigns access to a principal for a specified Amazon Web Services
446
- # account using a specified permission set.
460
+ # Assigns access to a principal for a specified AWS account using a
461
+ # specified permission set.
447
462
  #
448
463
  # <note markdown="1"> The term *principal* here refers to a user or group that is defined in
449
- # Amazon Web Services SSO.
464
+ # IAM Identity Center.
450
465
  #
451
466
  # </note>
452
467
  #
453
468
  # <note markdown="1"> As part of a successful `CreateAccountAssignment` call, the specified
454
469
  # permission set will automatically be provisioned to the account in the
455
470
  # form of an IAM policy. That policy is attached to the IAM role created
456
- # in Amazon Web Services SSO. If the permission set is subsequently
457
- # updated, the corresponding IAM policies attached to roles in your
458
- # accounts will not be updated automatically. In this case, you must
459
- # call ` ProvisionPermissionSet ` to make these updates.
471
+ # in IAM Identity Center. If the permission set is subsequently updated,
472
+ # the corresponding IAM policies attached to roles in your accounts will
473
+ # not be updated automatically. In this case, you must call `
474
+ # ProvisionPermissionSet ` to make these updates.
460
475
  #
461
476
  # </note>
462
477
  #
@@ -467,15 +482,15 @@ module Aws::SSOAdmin
467
482
  # </note>
468
483
  #
469
484
  # @option params [required, String] :instance_arn
470
- # The ARN of the Amazon Web Services SSO instance under which the
471
- # operation will be executed. For more information about ARNs, see
472
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
485
+ # The ARN of the IAM Identity Center instance under which the operation
486
+ # will be executed. For more information about ARNs, see [Amazon
487
+ # Resource Names (ARNs) and AWS Service
473
488
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
474
- # *Amazon Web Services General Reference*.
489
+ # *AWS General Reference*.
475
490
  #
476
491
  # @option params [required, String] :target_id
477
- # TargetID is an Amazon Web Services account identifier, typically a
478
- # 10-12 digit string (For example, 123456789012).
492
+ # TargetID is an AWS account identifier, typically a 10-12 digit string
493
+ # (For example, 123456789012).
479
494
  #
480
495
  # @option params [required, String] :target_type
481
496
  # The entity type for which the assignment will be created.
@@ -488,11 +503,11 @@ module Aws::SSOAdmin
488
503
  # The entity type for which the assignment will be created.
489
504
  #
490
505
  # @option params [required, String] :principal_id
491
- # An identifier for an object in Amazon Web Services SSO, such as a user
492
- # or group. PrincipalIds are GUIDs (For example,
506
+ # An identifier for an object in IAM Identity Center, such as a user or
507
+ # group. PrincipalIds are GUIDs (For example,
493
508
  # f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about
494
- # PrincipalIds in Amazon Web Services SSO, see the [Amazon Web Services
495
- # SSO Identity Store API
509
+ # PrincipalIds in IAM Identity Center, see the [IAM Identity Center
510
+ # Identity Store API
496
511
  # Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
497
512
  #
498
513
  # @return [Types::CreateAccountAssignmentResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -532,11 +547,11 @@ module Aws::SSOAdmin
532
547
  end
533
548
 
534
549
  # Enables the attributes-based access control (ABAC) feature for the
535
- # specified Amazon Web Services SSO instance. You can also specify new
550
+ # specified IAM Identity Center instance. You can also specify new
536
551
  # attributes to add to your ABAC configuration during the enabling
537
552
  # process. For more information about ABAC, see [Attribute-Based Access
538
- # Control](/singlesignon/latest/userguide/abac.html) in the *Amazon Web
539
- # Services SSO User Guide*.
553
+ # Control](/singlesignon/latest/userguide/abac.html) in the *IAM
554
+ # Identity Center User Guide*.
540
555
  #
541
556
  # <note markdown="1"> After a successful response, call
542
557
  # `DescribeInstanceAccessControlAttributeConfiguration` to validate that
@@ -545,18 +560,18 @@ module Aws::SSOAdmin
545
560
  # </note>
546
561
  #
547
562
  # @option params [required, String] :instance_arn
548
- # The ARN of the Amazon Web Services SSO instance under which the
549
- # operation will be executed.
563
+ # The ARN of the IAM Identity Center instance under which the operation
564
+ # will be executed.
550
565
  #
551
566
  # @option params [required, Types::InstanceAccessControlAttributeConfiguration] :instance_access_control_attribute_configuration
552
- # Specifies the Amazon Web Services SSO identity store attributes to add
553
- # to your ABAC configuration. When using an external identity provider
554
- # as an identity source, you can pass attributes through the SAML
567
+ # Specifies the IAM Identity Center identity store attributes to add to
568
+ # your ABAC configuration. When using an external identity provider as
569
+ # an identity source, you can pass attributes through the SAML
555
570
  # assertion. Doing so provides an alternative to configuring attributes
556
- # from the Amazon Web Services SSO identity store. If a SAML assertion
557
- # passes any of these attributes, Amazon Web Services SSO will replace
558
- # the attribute value with the value from the Amazon Web Services SSO
559
- # identity store.
571
+ # from the IAM Identity Center identity store. If a SAML assertion
572
+ # passes any of these attributes, IAM Identity Center will replace the
573
+ # attribute value with the value from the IAM Identity Center identity
574
+ # store.
560
575
  #
561
576
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
562
577
  #
@@ -585,11 +600,11 @@ module Aws::SSOAdmin
585
600
  req.send_request(options)
586
601
  end
587
602
 
588
- # Creates a permission set within a specified Amazon Web Services SSO
603
+ # Creates a permission set within a specified IAM Identity Center
589
604
  # instance.
590
605
  #
591
- # <note markdown="1"> To grant users and groups access to Amazon Web Services account
592
- # resources, use ` CreateAccountAssignment `.
606
+ # <note markdown="1"> To grant users and groups access to AWS account resources, use `
607
+ # CreateAccountAssignment `.
593
608
  #
594
609
  # </note>
595
610
  #
@@ -600,11 +615,11 @@ module Aws::SSOAdmin
600
615
  # The description of the PermissionSet.
601
616
  #
602
617
  # @option params [required, String] :instance_arn
603
- # The ARN of the Amazon Web Services SSO instance under which the
604
- # operation will be executed. For more information about ARNs, see
605
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
618
+ # The ARN of the IAM Identity Center instance under which the operation
619
+ # will be executed. For more information about ARNs, see [Amazon
620
+ # Resource Names (ARNs) and AWS Service
606
621
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
607
- # *Amazon Web Services General Reference*.
622
+ # *AWS General Reference*.
608
623
  #
609
624
  # @option params [String] :session_duration
610
625
  # The length of time that the application user sessions are valid in the
@@ -655,8 +670,8 @@ module Aws::SSOAdmin
655
670
  req.send_request(options)
656
671
  end
657
672
 
658
- # Deletes a principal's access from a specified Amazon Web Services
659
- # account using a specified permission set.
673
+ # Deletes a principal's access from a specified AWS account using a
674
+ # specified permission set.
660
675
  #
661
676
  # <note markdown="1"> After a successful response, call
662
677
  # `DescribeAccountAssignmentCreationStatus` to describe the status of an
@@ -665,15 +680,15 @@ module Aws::SSOAdmin
665
680
  # </note>
666
681
  #
667
682
  # @option params [required, String] :instance_arn
668
- # The ARN of the Amazon Web Services SSO instance under which the
669
- # operation will be executed. For more information about ARNs, see
670
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
683
+ # The ARN of the IAM Identity Center instance under which the operation
684
+ # will be executed. For more information about ARNs, see [Amazon
685
+ # Resource Names (ARNs) and AWS Service
671
686
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
672
- # *Amazon Web Services General Reference*.
687
+ # *AWS General Reference*.
673
688
  #
674
689
  # @option params [required, String] :target_id
675
- # TargetID is an Amazon Web Services account identifier, typically a
676
- # 10-12 digit string (For example, 123456789012).
690
+ # TargetID is an AWS account identifier, typically a 10-12 digit string
691
+ # (For example, 123456789012).
677
692
  #
678
693
  # @option params [required, String] :target_type
679
694
  # The entity type for which the assignment will be deleted.
@@ -685,11 +700,11 @@ module Aws::SSOAdmin
685
700
  # The entity type for which the assignment will be deleted.
686
701
  #
687
702
  # @option params [required, String] :principal_id
688
- # An identifier for an object in Amazon Web Services SSO, such as a user
689
- # or group. PrincipalIds are GUIDs (For example,
703
+ # An identifier for an object in IAM Identity Center, such as a user or
704
+ # group. PrincipalIds are GUIDs (For example,
690
705
  # f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about
691
- # PrincipalIds in Amazon Web Services SSO, see the [Amazon Web Services
692
- # SSO Identity Store API
706
+ # PrincipalIds in IAM Identity Center, see the [IAM Identity Center
707
+ # Identity Store API
693
708
  # Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
694
709
  #
695
710
  # @return [Types::DeleteAccountAssignmentResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -731,11 +746,11 @@ module Aws::SSOAdmin
731
746
  # Deletes the inline policy from a specified permission set.
732
747
  #
733
748
  # @option params [required, String] :instance_arn
734
- # The ARN of the Amazon Web Services SSO instance under which the
735
- # operation will be executed. For more information about ARNs, see
736
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
749
+ # The ARN of the IAM Identity Center instance under which the operation
750
+ # will be executed. For more information about ARNs, see [Amazon
751
+ # Resource Names (ARNs) and AWS Service
737
752
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
738
- # *Amazon Web Services General Reference*.
753
+ # *AWS General Reference*.
739
754
  #
740
755
  # @option params [required, String] :permission_set_arn
741
756
  # The ARN of the permission set that will be used to remove access.
@@ -759,17 +774,17 @@ module Aws::SSOAdmin
759
774
  end
760
775
 
761
776
  # Disables the attributes-based access control (ABAC) feature for the
762
- # specified Amazon Web Services SSO instance and deletes all of the
777
+ # specified IAM Identity Center instance and deletes all of the
763
778
  # attribute mappings that have been configured. Once deleted, any
764
779
  # attributes that are received from an identity source and any custom
765
780
  # attributes you have previously configured will not be passed. For more
766
781
  # information about ABAC, see [Attribute-Based Access
767
- # Control](/singlesignon/latest/userguide/abac.html) in the *Amazon Web
768
- # Services SSO User Guide*.
782
+ # Control](/singlesignon/latest/userguide/abac.html) in the *IAM
783
+ # Identity Center User Guide*.
769
784
  #
770
785
  # @option params [required, String] :instance_arn
771
- # The ARN of the Amazon Web Services SSO instance under which the
772
- # operation will be executed.
786
+ # The ARN of the IAM Identity Center instance under which the operation
787
+ # will be executed.
773
788
  #
774
789
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
775
790
  #
@@ -791,11 +806,11 @@ module Aws::SSOAdmin
791
806
  # Deletes the specified permission set.
792
807
  #
793
808
  # @option params [required, String] :instance_arn
794
- # The ARN of the Amazon Web Services SSO instance under which the
795
- # operation will be executed. For more information about ARNs, see
796
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
809
+ # The ARN of the IAM Identity Center instance under which the operation
810
+ # will be executed. For more information about ARNs, see [Amazon
811
+ # Resource Names (ARNs) and AWS Service
797
812
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
798
- # *Amazon Web Services General Reference*.
813
+ # *AWS General Reference*.
799
814
  #
800
815
  # @option params [required, String] :permission_set_arn
801
816
  # The ARN of the permission set that should be deleted.
@@ -821,8 +836,8 @@ module Aws::SSOAdmin
821
836
  # Deletes the permissions boundary from a specified PermissionSet.
822
837
  #
823
838
  # @option params [required, String] :instance_arn
824
- # The ARN of the Amazon Web Services SSO instance under which the
825
- # operation will be executed.
839
+ # The ARN of the IAM Identity Center instance under which the operation
840
+ # will be executed.
826
841
  #
827
842
  # @option params [required, String] :permission_set_arn
828
843
  # The ARN of the `PermissionSet`.
@@ -848,11 +863,11 @@ module Aws::SSOAdmin
848
863
  # Describes the status of the assignment creation request.
849
864
  #
850
865
  # @option params [required, String] :instance_arn
851
- # The ARN of the Amazon Web Services SSO instance under which the
852
- # operation will be executed. For more information about ARNs, see
853
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
866
+ # The ARN of the IAM Identity Center instance under which the operation
867
+ # will be executed. For more information about ARNs, see [Amazon
868
+ # Resource Names (ARNs) and AWS Service
854
869
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
855
- # *Amazon Web Services General Reference*.
870
+ # *AWS General Reference*.
856
871
  #
857
872
  # @option params [required, String] :account_assignment_creation_request_id
858
873
  # The identifier that is used to track the request operation progress.
@@ -892,11 +907,11 @@ module Aws::SSOAdmin
892
907
  # Describes the status of the assignment deletion request.
893
908
  #
894
909
  # @option params [required, String] :instance_arn
895
- # The ARN of the Amazon Web Services SSO instance under which the
896
- # operation will be executed. For more information about ARNs, see
897
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
910
+ # The ARN of the IAM Identity Center instance under which the operation
911
+ # will be executed. For more information about ARNs, see [Amazon
912
+ # Resource Names (ARNs) and AWS Service
898
913
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
899
- # *Amazon Web Services General Reference*.
914
+ # *AWS General Reference*.
900
915
  #
901
916
  # @option params [required, String] :account_assignment_deletion_request_id
902
917
  # The identifier that is used to track the request operation progress.
@@ -933,17 +948,17 @@ module Aws::SSOAdmin
933
948
  req.send_request(options)
934
949
  end
935
950
 
936
- # Returns the list of Amazon Web Services SSO identity store attributes
937
- # that have been configured to work with attributes-based access control
938
- # (ABAC) for the specified Amazon Web Services SSO instance. This will
939
- # not return attributes configured and sent by an external identity
951
+ # Returns the list of IAM Identity Center identity store attributes that
952
+ # have been configured to work with attributes-based access control
953
+ # (ABAC) for the specified IAM Identity Center instance. This will not
954
+ # return attributes configured and sent by an external identity
940
955
  # provider. For more information about ABAC, see [Attribute-Based Access
941
- # Control](/singlesignon/latest/userguide/abac.html) in the *Amazon Web
942
- # Services SSO User Guide*.
956
+ # Control](/singlesignon/latest/userguide/abac.html) in the *IAM
957
+ # Identity Center User Guide*.
943
958
  #
944
959
  # @option params [required, String] :instance_arn
945
- # The ARN of the Amazon Web Services SSO instance under which the
946
- # operation will be executed.
960
+ # The ARN of the IAM Identity Center instance under which the operation
961
+ # will be executed.
947
962
  #
948
963
  # @return [Types::DescribeInstanceAccessControlAttributeConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
949
964
  #
@@ -978,11 +993,11 @@ module Aws::SSOAdmin
978
993
  # Gets the details of the permission set.
979
994
  #
980
995
  # @option params [required, String] :instance_arn
981
- # The ARN of the Amazon Web Services SSO instance under which the
982
- # operation will be executed. For more information about ARNs, see
983
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
996
+ # The ARN of the IAM Identity Center instance under which the operation
997
+ # will be executed. For more information about ARNs, see [Amazon
998
+ # Resource Names (ARNs) and AWS Service
984
999
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
985
- # *Amazon Web Services General Reference*.
1000
+ # *AWS General Reference*.
986
1001
  #
987
1002
  # @option params [required, String] :permission_set_arn
988
1003
  # The ARN of the permission set.
@@ -1020,11 +1035,11 @@ module Aws::SSOAdmin
1020
1035
  # request.
1021
1036
  #
1022
1037
  # @option params [required, String] :instance_arn
1023
- # The ARN of the Amazon Web Services SSO instance under which the
1024
- # operation will be executed. For more information about ARNs, see
1025
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1038
+ # The ARN of the IAM Identity Center instance under which the operation
1039
+ # will be executed. For more information about ARNs, see [Amazon
1040
+ # Resource Names (ARNs) and AWS Service
1026
1041
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1027
- # *Amazon Web Services General Reference*.
1042
+ # *AWS General Reference*.
1028
1043
  #
1029
1044
  # @option params [required, String] :provision_permission_set_request_id
1030
1045
  # The identifier that is provided by the ProvisionPermissionSet call to
@@ -1063,16 +1078,16 @@ module Aws::SSOAdmin
1063
1078
  # PermissionSet.
1064
1079
  #
1065
1080
  # @option params [required, String] :instance_arn
1066
- # The ARN of the Amazon Web Services SSO instance under which the
1067
- # operation will be executed.
1081
+ # The ARN of the IAM Identity Center instance under which the operation
1082
+ # will be executed.
1068
1083
  #
1069
1084
  # @option params [required, String] :permission_set_arn
1070
1085
  # The ARN of the `PermissionSet`.
1071
1086
  #
1072
1087
  # @option params [required, Types::CustomerManagedPolicyReference] :customer_managed_policy_reference
1073
1088
  # Specifies the name and path of a customer managed policy. You must
1074
- # have an IAM policy that matches the name and path in each Amazon Web
1075
- # Services account where you want to deploy your permission set.
1089
+ # have an IAM policy that matches the name and path in each AWS account
1090
+ # where you want to deploy your permission set.
1076
1091
  #
1077
1092
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1078
1093
  #
@@ -1096,22 +1111,21 @@ module Aws::SSOAdmin
1096
1111
  req.send_request(options)
1097
1112
  end
1098
1113
 
1099
- # Detaches the attached Amazon Web Services managed policy ARN from the
1100
- # specified permission set.
1114
+ # Detaches the attached AWS managed policy ARN from the specified
1115
+ # permission set.
1101
1116
  #
1102
1117
  # @option params [required, String] :instance_arn
1103
- # The ARN of the Amazon Web Services SSO instance under which the
1104
- # operation will be executed. For more information about ARNs, see
1105
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1118
+ # The ARN of the IAM Identity Center instance under which the operation
1119
+ # will be executed. For more information about ARNs, see [Amazon
1120
+ # Resource Names (ARNs) and AWS Service
1106
1121
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1107
- # *Amazon Web Services General Reference*.
1122
+ # *AWS General Reference*.
1108
1123
  #
1109
1124
  # @option params [required, String] :permission_set_arn
1110
1125
  # The ARN of the PermissionSet from which the policy should be detached.
1111
1126
  #
1112
1127
  # @option params [required, String] :managed_policy_arn
1113
- # The Amazon Web Services managed policy ARN to be detached from a
1114
- # permission set.
1128
+ # The AWS managed policy ARN to be detached from a permission set.
1115
1129
  #
1116
1130
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1117
1131
  #
@@ -1135,11 +1149,11 @@ module Aws::SSOAdmin
1135
1149
  # Obtains the inline policy assigned to the permission set.
1136
1150
  #
1137
1151
  # @option params [required, String] :instance_arn
1138
- # The ARN of the Amazon Web Services SSO instance under which the
1139
- # operation will be executed. For more information about ARNs, see
1140
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1152
+ # The ARN of the IAM Identity Center instance under which the operation
1153
+ # will be executed. For more information about ARNs, see [Amazon
1154
+ # Resource Names (ARNs) and AWS Service
1141
1155
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1142
- # *Amazon Web Services General Reference*.
1156
+ # *AWS General Reference*.
1143
1157
  #
1144
1158
  # @option params [required, String] :permission_set_arn
1145
1159
  # The ARN of the permission set.
@@ -1171,8 +1185,8 @@ module Aws::SSOAdmin
1171
1185
  # Obtains the permissions boundary for a specified PermissionSet.
1172
1186
  #
1173
1187
  # @option params [required, String] :instance_arn
1174
- # The ARN of the Amazon Web Services SSO instance under which the
1175
- # operation will be executed.
1188
+ # The ARN of the IAM Identity Center instance under which the operation
1189
+ # will be executed.
1176
1190
  #
1177
1191
  # @option params [required, String] :permission_set_arn
1178
1192
  # The ARN of the `PermissionSet`.
@@ -1203,15 +1217,15 @@ module Aws::SSOAdmin
1203
1217
  req.send_request(options)
1204
1218
  end
1205
1219
 
1206
- # Lists the status of the Amazon Web Services account assignment
1207
- # creation requests for a specified Amazon Web Services SSO instance.
1220
+ # Lists the status of the AWS account assignment creation requests for a
1221
+ # specified IAM Identity Center instance.
1208
1222
  #
1209
1223
  # @option params [required, String] :instance_arn
1210
- # The ARN of the Amazon Web Services SSO instance under which the
1211
- # operation will be executed. For more information about ARNs, see
1212
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1224
+ # The ARN of the IAM Identity Center instance under which the operation
1225
+ # will be executed. For more information about ARNs, see [Amazon
1226
+ # Resource Names (ARNs) and AWS Service
1213
1227
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1214
- # *Amazon Web Services General Reference*.
1228
+ # *AWS General Reference*.
1215
1229
  #
1216
1230
  # @option params [Integer] :max_results
1217
1231
  # The maximum number of results to display for the assignment.
@@ -1258,15 +1272,15 @@ module Aws::SSOAdmin
1258
1272
  req.send_request(options)
1259
1273
  end
1260
1274
 
1261
- # Lists the status of the Amazon Web Services account assignment
1262
- # deletion requests for a specified Amazon Web Services SSO instance.
1275
+ # Lists the status of the AWS account assignment deletion requests for a
1276
+ # specified IAM Identity Center instance.
1263
1277
  #
1264
1278
  # @option params [required, String] :instance_arn
1265
- # The ARN of the Amazon Web Services SSO instance under which the
1266
- # operation will be executed. For more information about ARNs, see
1267
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1279
+ # The ARN of the IAM Identity Center instance under which the operation
1280
+ # will be executed. For more information about ARNs, see [Amazon
1281
+ # Resource Names (ARNs) and AWS Service
1268
1282
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1269
- # *Amazon Web Services General Reference*.
1283
+ # *AWS General Reference*.
1270
1284
  #
1271
1285
  # @option params [Integer] :max_results
1272
1286
  # The maximum number of results to display for the assignment.
@@ -1313,19 +1327,18 @@ module Aws::SSOAdmin
1313
1327
  req.send_request(options)
1314
1328
  end
1315
1329
 
1316
- # Lists the assignee of the specified Amazon Web Services account with
1317
- # the specified permission set.
1330
+ # Lists the assignee of the specified AWS account with the specified
1331
+ # permission set.
1318
1332
  #
1319
1333
  # @option params [required, String] :instance_arn
1320
- # The ARN of the Amazon Web Services SSO instance under which the
1321
- # operation will be executed. For more information about ARNs, see
1322
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1334
+ # The ARN of the IAM Identity Center instance under which the operation
1335
+ # will be executed. For more information about ARNs, see [Amazon
1336
+ # Resource Names (ARNs) and AWS Service
1323
1337
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1324
- # *Amazon Web Services General Reference*.
1338
+ # *AWS General Reference*.
1325
1339
  #
1326
1340
  # @option params [required, String] :account_id
1327
- # The identifier of the Amazon Web Services account from which to list
1328
- # the assignments.
1341
+ # The identifier of the AWS account from which to list the assignments.
1329
1342
  #
1330
1343
  # @option params [required, String] :permission_set_arn
1331
1344
  # The ARN of the permission set from which to list assignments.
@@ -1372,23 +1385,22 @@ module Aws::SSOAdmin
1372
1385
  req.send_request(options)
1373
1386
  end
1374
1387
 
1375
- # Lists all the Amazon Web Services accounts where the specified
1376
- # permission set is provisioned.
1388
+ # Lists all the AWS accounts where the specified permission set is
1389
+ # provisioned.
1377
1390
  #
1378
1391
  # @option params [required, String] :instance_arn
1379
- # The ARN of the Amazon Web Services SSO instance under which the
1380
- # operation will be executed. For more information about ARNs, see
1381
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1392
+ # The ARN of the IAM Identity Center instance under which the operation
1393
+ # will be executed. For more information about ARNs, see [Amazon
1394
+ # Resource Names (ARNs) and AWS Service
1382
1395
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1383
- # *Amazon Web Services General Reference*.
1396
+ # *AWS General Reference*.
1384
1397
  #
1385
1398
  # @option params [required, String] :permission_set_arn
1386
- # The ARN of the PermissionSet from which the associated Amazon Web
1387
- # Services accounts will be listed.
1399
+ # The ARN of the PermissionSet from which the associated AWS accounts
1400
+ # will be listed.
1388
1401
  #
1389
1402
  # @option params [String] :provisioning_status
1390
- # The permission set provisioning status for an Amazon Web Services
1391
- # account.
1403
+ # The permission set provisioning status for an AWS account.
1392
1404
  #
1393
1405
  # @option params [Integer] :max_results
1394
1406
  # The maximum number of results to display for the PermissionSet.
@@ -1433,8 +1445,8 @@ module Aws::SSOAdmin
1433
1445
  # PermissionSet.
1434
1446
  #
1435
1447
  # @option params [required, String] :instance_arn
1436
- # The ARN of the Amazon Web Services SSO instance under which the
1437
- # operation will be executed.
1448
+ # The ARN of the IAM Identity Center instance under which the operation
1449
+ # will be executed.
1438
1450
  #
1439
1451
  # @option params [required, String] :permission_set_arn
1440
1452
  # The ARN of the `PermissionSet`.
@@ -1478,8 +1490,7 @@ module Aws::SSOAdmin
1478
1490
  req.send_request(options)
1479
1491
  end
1480
1492
 
1481
- # Lists the Amazon Web Services SSO instances that the caller has access
1482
- # to.
1493
+ # Lists the IAM Identity Center instances that the caller has access to.
1483
1494
  #
1484
1495
  # @option params [Integer] :max_results
1485
1496
  # The maximum number of results to display for the instance.
@@ -1518,15 +1529,15 @@ module Aws::SSOAdmin
1518
1529
  req.send_request(options)
1519
1530
  end
1520
1531
 
1521
- # Lists the Amazon Web Services managed policy that is attached to a
1522
- # specified permission set.
1532
+ # Lists the AWS managed policy that is attached to a specified
1533
+ # permission set.
1523
1534
  #
1524
1535
  # @option params [required, String] :instance_arn
1525
- # The ARN of the Amazon Web Services SSO instance under which the
1526
- # operation will be executed. For more information about ARNs, see
1527
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1536
+ # The ARN of the IAM Identity Center instance under which the operation
1537
+ # will be executed. For more information about ARNs, see [Amazon
1538
+ # Resource Names (ARNs) and AWS Service
1528
1539
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1529
- # *Amazon Web Services General Reference*.
1540
+ # *AWS General Reference*.
1530
1541
  #
1531
1542
  # @option params [required, String] :permission_set_arn
1532
1543
  # The ARN of the PermissionSet whose managed policies will be listed.
@@ -1571,14 +1582,14 @@ module Aws::SSOAdmin
1571
1582
  end
1572
1583
 
1573
1584
  # Lists the status of the permission set provisioning requests for a
1574
- # specified Amazon Web Services SSO instance.
1585
+ # specified IAM Identity Center instance.
1575
1586
  #
1576
1587
  # @option params [required, String] :instance_arn
1577
- # The ARN of the Amazon Web Services SSO instance under which the
1578
- # operation will be executed. For more information about ARNs, see
1579
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1588
+ # The ARN of the IAM Identity Center instance under which the operation
1589
+ # will be executed. For more information about ARNs, see [Amazon
1590
+ # Resource Names (ARNs) and AWS Service
1580
1591
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1581
- # *Amazon Web Services General Reference*.
1592
+ # *AWS General Reference*.
1582
1593
  #
1583
1594
  # @option params [Integer] :max_results
1584
1595
  # The maximum number of results to display for the assignment.
@@ -1625,14 +1636,14 @@ module Aws::SSOAdmin
1625
1636
  req.send_request(options)
1626
1637
  end
1627
1638
 
1628
- # Lists the PermissionSets in an Amazon Web Services SSO instance.
1639
+ # Lists the PermissionSets in an IAM Identity Center instance.
1629
1640
  #
1630
1641
  # @option params [required, String] :instance_arn
1631
- # The ARN of the Amazon Web Services SSO instance under which the
1632
- # operation will be executed. For more information about ARNs, see
1633
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1642
+ # The ARN of the IAM Identity Center instance under which the operation
1643
+ # will be executed. For more information about ARNs, see [Amazon
1644
+ # Resource Names (ARNs) and AWS Service
1634
1645
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1635
- # *Amazon Web Services General Reference*.
1646
+ # *AWS General Reference*.
1636
1647
  #
1637
1648
  # @option params [String] :next_token
1638
1649
  # The pagination token for the list API. Initially the value is null.
@@ -1671,19 +1682,18 @@ module Aws::SSOAdmin
1671
1682
  req.send_request(options)
1672
1683
  end
1673
1684
 
1674
- # Lists all the permission sets that are provisioned to a specified
1675
- # Amazon Web Services account.
1685
+ # Lists all the permission sets that are provisioned to a specified AWS
1686
+ # account.
1676
1687
  #
1677
1688
  # @option params [required, String] :instance_arn
1678
- # The ARN of the Amazon Web Services SSO instance under which the
1679
- # operation will be executed. For more information about ARNs, see
1680
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1689
+ # The ARN of the IAM Identity Center instance under which the operation
1690
+ # will be executed. For more information about ARNs, see [Amazon
1691
+ # Resource Names (ARNs) and AWS Service
1681
1692
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1682
- # *Amazon Web Services General Reference*.
1693
+ # *AWS General Reference*.
1683
1694
  #
1684
1695
  # @option params [required, String] :account_id
1685
- # The identifier of the Amazon Web Services account from which to list
1686
- # the assignments.
1696
+ # The identifier of the AWS account from which to list the assignments.
1687
1697
  #
1688
1698
  # @option params [String] :provisioning_status
1689
1699
  # The status object for the permission set provisioning operation.
@@ -1730,11 +1740,11 @@ module Aws::SSOAdmin
1730
1740
  # Lists the tags that are attached to a specified resource.
1731
1741
  #
1732
1742
  # @option params [required, String] :instance_arn
1733
- # The ARN of the Amazon Web Services SSO instance under which the
1734
- # operation will be executed. For more information about ARNs, see
1735
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1743
+ # The ARN of the IAM Identity Center instance under which the operation
1744
+ # will be executed. For more information about ARNs, see [Amazon
1745
+ # Resource Names (ARNs) and AWS Service
1736
1746
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1737
- # *Amazon Web Services General Reference*.
1747
+ # *AWS General Reference*.
1738
1748
  #
1739
1749
  # @option params [required, String] :resource_arn
1740
1750
  # The ARN of the resource with the tags to be listed.
@@ -1778,18 +1788,18 @@ module Aws::SSOAdmin
1778
1788
  # specified target.
1779
1789
  #
1780
1790
  # @option params [required, String] :instance_arn
1781
- # The ARN of the Amazon Web Services SSO instance under which the
1782
- # operation will be executed. For more information about ARNs, see
1783
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1791
+ # The ARN of the IAM Identity Center instance under which the operation
1792
+ # will be executed. For more information about ARNs, see [Amazon
1793
+ # Resource Names (ARNs) and AWS Service
1784
1794
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1785
- # *Amazon Web Services General Reference*.
1795
+ # *AWS General Reference*.
1786
1796
  #
1787
1797
  # @option params [required, String] :permission_set_arn
1788
1798
  # The ARN of the permission set.
1789
1799
  #
1790
1800
  # @option params [String] :target_id
1791
- # TargetID is an Amazon Web Services account identifier, typically a
1792
- # 10-12 digit string (For example, 123456789012).
1801
+ # TargetID is an AWS account identifier, typically a 10-12 digit string
1802
+ # (For example, 123456789012).
1793
1803
  #
1794
1804
  # @option params [required, String] :target_type
1795
1805
  # The entity type for which the assignment will be created.
@@ -1835,11 +1845,11 @@ module Aws::SSOAdmin
1835
1845
  # </note>
1836
1846
  #
1837
1847
  # @option params [required, String] :instance_arn
1838
- # The ARN of the Amazon Web Services SSO instance under which the
1839
- # operation will be executed. For more information about ARNs, see
1840
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1848
+ # The ARN of the IAM Identity Center instance under which the operation
1849
+ # will be executed. For more information about ARNs, see [Amazon
1850
+ # Resource Names (ARNs) and AWS Service
1841
1851
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1842
- # *Amazon Web Services General Reference*.
1852
+ # *AWS General Reference*.
1843
1853
  #
1844
1854
  # @option params [required, String] :permission_set_arn
1845
1855
  # The ARN of the permission set.
@@ -1866,12 +1876,12 @@ module Aws::SSOAdmin
1866
1876
  req.send_request(options)
1867
1877
  end
1868
1878
 
1869
- # Attaches an Amazon Web Services managed or customer managed policy to
1870
- # the specified PermissionSet as a permissions boundary.
1879
+ # Attaches an AWS managed or customer managed policy to the specified
1880
+ # PermissionSet as a permissions boundary.
1871
1881
  #
1872
1882
  # @option params [required, String] :instance_arn
1873
- # The ARN of the Amazon Web Services SSO instance under which the
1874
- # operation will be executed.
1883
+ # The ARN of the IAM Identity Center instance under which the operation
1884
+ # will be executed.
1875
1885
  #
1876
1886
  # @option params [required, String] :permission_set_arn
1877
1887
  # The ARN of the `PermissionSet`.
@@ -1907,11 +1917,11 @@ module Aws::SSOAdmin
1907
1917
  # Associates a set of tags with a specified resource.
1908
1918
  #
1909
1919
  # @option params [required, String] :instance_arn
1910
- # The ARN of the Amazon Web Services SSO instance under which the
1911
- # operation will be executed. For more information about ARNs, see
1912
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1920
+ # The ARN of the IAM Identity Center instance under which the operation
1921
+ # will be executed. For more information about ARNs, see [Amazon
1922
+ # Resource Names (ARNs) and AWS Service
1913
1923
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1914
- # *Amazon Web Services General Reference*.
1924
+ # *AWS General Reference*.
1915
1925
  #
1916
1926
  # @option params [required, String] :resource_arn
1917
1927
  # The ARN of the resource with the tags to be listed.
@@ -1946,11 +1956,11 @@ module Aws::SSOAdmin
1946
1956
  # Disassociates a set of tags from a specified resource.
1947
1957
  #
1948
1958
  # @option params [required, String] :instance_arn
1949
- # The ARN of the Amazon Web Services SSO instance under which the
1950
- # operation will be executed. For more information about ARNs, see
1951
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1959
+ # The ARN of the IAM Identity Center instance under which the operation
1960
+ # will be executed. For more information about ARNs, see [Amazon
1961
+ # Resource Names (ARNs) and AWS Service
1952
1962
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1953
- # *Amazon Web Services General Reference*.
1963
+ # *AWS General Reference*.
1954
1964
  #
1955
1965
  # @option params [required, String] :resource_arn
1956
1966
  # The ARN of the resource with the tags to be listed.
@@ -1977,21 +1987,21 @@ module Aws::SSOAdmin
1977
1987
  req.send_request(options)
1978
1988
  end
1979
1989
 
1980
- # Updates the Amazon Web Services SSO identity store attributes that you
1981
- # can use with the Amazon Web Services SSO instance for attributes-based
1982
- # access control (ABAC). When using an external identity provider as an
1990
+ # Updates the IAM Identity Center identity store attributes that you can
1991
+ # use with the IAM Identity Center instance for attributes-based access
1992
+ # control (ABAC). When using an external identity provider as an
1983
1993
  # identity source, you can pass attributes through the SAML assertion as
1984
- # an alternative to configuring attributes from the Amazon Web Services
1985
- # SSO identity store. If a SAML assertion passes any of these
1986
- # attributes, Amazon Web Services SSO replaces the attribute value with
1987
- # the value from the Amazon Web Services SSO identity store. For more
1988
- # information about ABAC, see [Attribute-Based Access
1989
- # Control](/singlesignon/latest/userguide/abac.html) in the *Amazon Web
1990
- # Services SSO User Guide*.
1994
+ # an alternative to configuring attributes from the IAM Identity Center
1995
+ # identity store. If a SAML assertion passes any of these attributes,
1996
+ # IAM Identity Center replaces the attribute value with the value from
1997
+ # the IAM Identity Center identity store. For more information about
1998
+ # ABAC, see [Attribute-Based Access
1999
+ # Control](/singlesignon/latest/userguide/abac.html) in the *IAM
2000
+ # Identity Center User Guide*.
1991
2001
  #
1992
2002
  # @option params [required, String] :instance_arn
1993
- # The ARN of the Amazon Web Services SSO instance under which the
1994
- # operation will be executed.
2003
+ # The ARN of the IAM Identity Center instance under which the operation
2004
+ # will be executed.
1995
2005
  #
1996
2006
  # @option params [required, Types::InstanceAccessControlAttributeConfiguration] :instance_access_control_attribute_configuration
1997
2007
  # Updates the attributes for your ABAC configuration.
@@ -2026,11 +2036,11 @@ module Aws::SSOAdmin
2026
2036
  # Updates an existing permission set.
2027
2037
  #
2028
2038
  # @option params [required, String] :instance_arn
2029
- # The ARN of the Amazon Web Services SSO instance under which the
2030
- # operation will be executed. For more information about ARNs, see
2031
- # [Amazon Resource Names (ARNs) and Amazon Web Services Service
2039
+ # The ARN of the IAM Identity Center instance under which the operation
2040
+ # will be executed. For more information about ARNs, see [Amazon
2041
+ # Resource Names (ARNs) and AWS Service
2032
2042
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
2033
- # *Amazon Web Services General Reference*.
2043
+ # *AWS General Reference*.
2034
2044
  #
2035
2045
  # @option params [required, String] :permission_set_arn
2036
2046
  # The ARN of the permission set.
@@ -2080,7 +2090,7 @@ module Aws::SSOAdmin
2080
2090
  params: params,
2081
2091
  config: config)
2082
2092
  context[:gem_name] = 'aws-sdk-ssoadmin'
2083
- context[:gem_version] = '1.19.0'
2093
+ context[:gem_version] = '1.21.0'
2084
2094
  Seahorse::Client::Request.new(handlers, context)
2085
2095
  end
2086
2096