aws-sdk-ssoadmin 1.2.0 → 1.7.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e7575fa4b9a9003f2fc496bf2b65f8246cfeb63ae8d343ae4667bf07fd02e294
4
- data.tar.gz: 4206d0dea1362f4e13ccd4dfefa8a2e4da8d80749011f678254c5dcf34c14be9
3
+ metadata.gz: b6ed325f0b53a685567eb33b3a12dd63c52b20e3612ee62b031ae2b01987419c
4
+ data.tar.gz: ed1f846a29a40dc8270ae47caca3510cc825a864aa8d05c8bfc39d21e1f31e2e
5
5
  SHA512:
6
- metadata.gz: 71ad26aaf5f61740fbeb83294f59ba1a3f137514a5107434c03cb72736657f11cfd887095f7e68a50338135f8b7dbd1979c5ed3e9a7f21ab65a63030f9114f43
7
- data.tar.gz: cfc10d4b798c9d315b2742c6789bb7f2b96c67d0d2685921a848e1ff4fe257353629b0b723ce551c19d588a27979c3d71098b703650f17b2dc950e2e3becf44a
6
+ metadata.gz: dded09c16e1e74483a4956b3e91a771d6bf4b72e18da88b4bd5929b2f2bd072d6cdd576d97041d887d8dffa3056e57f2cd95861d959f2d4ef0fa065ad6c808c8
7
+ data.tar.gz: 2b733094b864e9a2f50f1f93798368bf4e87629a8a93089be738d14ba761148398df8acf0ff58a6ae8ee232d2092a737939943f5d572dd16bab5f46d7dac03c0
data/CHANGELOG.md ADDED
@@ -0,0 +1,43 @@
1
+ Unreleased Changes
2
+ ------------------
3
+
4
+ 1.7.0 (2021-03-10)
5
+ ------------------
6
+
7
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
8
+
9
+ 1.6.0 (2021-02-26)
10
+ ------------------
11
+
12
+ * Feature - Relax constraint on List* API pagination tokens to include underscore character
13
+
14
+ 1.5.0 (2021-02-02)
15
+ ------------------
16
+
17
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
18
+
19
+ 1.4.0 (2020-11-23)
20
+ ------------------
21
+
22
+ * Feature - AWS Single Sign-On now enables attribute-based access control for workforce identities to simplify permissions in AWS
23
+
24
+ 1.3.0 (2020-09-30)
25
+ ------------------
26
+
27
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
28
+
29
+ 1.2.0 (2020-09-18)
30
+ ------------------
31
+
32
+ * Feature - Documentation updates for AWS SSO APIs.
33
+
34
+ 1.1.0 (2020-09-15)
35
+ ------------------
36
+
37
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
38
+
39
+ 1.0.0 (2020-09-10)
40
+ ------------------
41
+
42
+ * Feature - Initial release of `aws-sdk-ssoadmin`.
43
+
data/LICENSE.txt ADDED
@@ -0,0 +1,202 @@
1
+
2
+ Apache License
3
+ Version 2.0, January 2004
4
+ http://www.apache.org/licenses/
5
+
6
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
7
+
8
+ 1. Definitions.
9
+
10
+ "License" shall mean the terms and conditions for use, reproduction,
11
+ and distribution as defined by Sections 1 through 9 of this document.
12
+
13
+ "Licensor" shall mean the copyright owner or entity authorized by
14
+ the copyright owner that is granting the License.
15
+
16
+ "Legal Entity" shall mean the union of the acting entity and all
17
+ other entities that control, are controlled by, or are under common
18
+ control with that entity. For the purposes of this definition,
19
+ "control" means (i) the power, direct or indirect, to cause the
20
+ direction or management of such entity, whether by contract or
21
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
22
+ outstanding shares, or (iii) beneficial ownership of such entity.
23
+
24
+ "You" (or "Your") shall mean an individual or Legal Entity
25
+ exercising permissions granted by this License.
26
+
27
+ "Source" form shall mean the preferred form for making modifications,
28
+ including but not limited to software source code, documentation
29
+ source, and configuration files.
30
+
31
+ "Object" form shall mean any form resulting from mechanical
32
+ transformation or translation of a Source form, including but
33
+ not limited to compiled object code, generated documentation,
34
+ and conversions to other media types.
35
+
36
+ "Work" shall mean the work of authorship, whether in Source or
37
+ Object form, made available under the License, as indicated by a
38
+ copyright notice that is included in or attached to the work
39
+ (an example is provided in the Appendix below).
40
+
41
+ "Derivative Works" shall mean any work, whether in Source or Object
42
+ form, that is based on (or derived from) the Work and for which the
43
+ editorial revisions, annotations, elaborations, or other modifications
44
+ represent, as a whole, an original work of authorship. For the purposes
45
+ of this License, Derivative Works shall not include works that remain
46
+ separable from, or merely link (or bind by name) to the interfaces of,
47
+ the Work and Derivative Works thereof.
48
+
49
+ "Contribution" shall mean any work of authorship, including
50
+ the original version of the Work and any modifications or additions
51
+ to that Work or Derivative Works thereof, that is intentionally
52
+ submitted to Licensor for inclusion in the Work by the copyright owner
53
+ or by an individual or Legal Entity authorized to submit on behalf of
54
+ the copyright owner. For the purposes of this definition, "submitted"
55
+ means any form of electronic, verbal, or written communication sent
56
+ to the Licensor or its representatives, including but not limited to
57
+ communication on electronic mailing lists, source code control systems,
58
+ and issue tracking systems that are managed by, or on behalf of, the
59
+ Licensor for the purpose of discussing and improving the Work, but
60
+ excluding communication that is conspicuously marked or otherwise
61
+ designated in writing by the copyright owner as "Not a Contribution."
62
+
63
+ "Contributor" shall mean Licensor and any individual or Legal Entity
64
+ on behalf of whom a Contribution has been received by Licensor and
65
+ subsequently incorporated within the Work.
66
+
67
+ 2. Grant of Copyright License. Subject to the terms and conditions of
68
+ this License, each Contributor hereby grants to You a perpetual,
69
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
70
+ copyright license to reproduce, prepare Derivative Works of,
71
+ publicly display, publicly perform, sublicense, and distribute the
72
+ Work and such Derivative Works in Source or Object form.
73
+
74
+ 3. Grant of Patent License. Subject to the terms and conditions of
75
+ this License, each Contributor hereby grants to You a perpetual,
76
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
77
+ (except as stated in this section) patent license to make, have made,
78
+ use, offer to sell, sell, import, and otherwise transfer the Work,
79
+ where such license applies only to those patent claims licensable
80
+ by such Contributor that are necessarily infringed by their
81
+ Contribution(s) alone or by combination of their Contribution(s)
82
+ with the Work to which such Contribution(s) was submitted. If You
83
+ institute patent litigation against any entity (including a
84
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
85
+ or a Contribution incorporated within the Work constitutes direct
86
+ or contributory patent infringement, then any patent licenses
87
+ granted to You under this License for that Work shall terminate
88
+ as of the date such litigation is filed.
89
+
90
+ 4. Redistribution. You may reproduce and distribute copies of the
91
+ Work or Derivative Works thereof in any medium, with or without
92
+ modifications, and in Source or Object form, provided that You
93
+ meet the following conditions:
94
+
95
+ (a) You must give any other recipients of the Work or
96
+ Derivative Works a copy of this License; and
97
+
98
+ (b) You must cause any modified files to carry prominent notices
99
+ stating that You changed the files; and
100
+
101
+ (c) You must retain, in the Source form of any Derivative Works
102
+ that You distribute, all copyright, patent, trademark, and
103
+ attribution notices from the Source form of the Work,
104
+ excluding those notices that do not pertain to any part of
105
+ the Derivative Works; and
106
+
107
+ (d) If the Work includes a "NOTICE" text file as part of its
108
+ distribution, then any Derivative Works that You distribute must
109
+ include a readable copy of the attribution notices contained
110
+ within such NOTICE file, excluding those notices that do not
111
+ pertain to any part of the Derivative Works, in at least one
112
+ of the following places: within a NOTICE text file distributed
113
+ as part of the Derivative Works; within the Source form or
114
+ documentation, if provided along with the Derivative Works; or,
115
+ within a display generated by the Derivative Works, if and
116
+ wherever such third-party notices normally appear. The contents
117
+ of the NOTICE file are for informational purposes only and
118
+ do not modify the License. You may add Your own attribution
119
+ notices within Derivative Works that You distribute, alongside
120
+ or as an addendum to the NOTICE text from the Work, provided
121
+ that such additional attribution notices cannot be construed
122
+ as modifying the License.
123
+
124
+ You may add Your own copyright statement to Your modifications and
125
+ may provide additional or different license terms and conditions
126
+ for use, reproduction, or distribution of Your modifications, or
127
+ for any such Derivative Works as a whole, provided Your use,
128
+ reproduction, and distribution of the Work otherwise complies with
129
+ the conditions stated in this License.
130
+
131
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
132
+ any Contribution intentionally submitted for inclusion in the Work
133
+ by You to the Licensor shall be under the terms and conditions of
134
+ this License, without any additional terms or conditions.
135
+ Notwithstanding the above, nothing herein shall supersede or modify
136
+ the terms of any separate license agreement you may have executed
137
+ with Licensor regarding such Contributions.
138
+
139
+ 6. Trademarks. This License does not grant permission to use the trade
140
+ names, trademarks, service marks, or product names of the Licensor,
141
+ except as required for reasonable and customary use in describing the
142
+ origin of the Work and reproducing the content of the NOTICE file.
143
+
144
+ 7. Disclaimer of Warranty. Unless required by applicable law or
145
+ agreed to in writing, Licensor provides the Work (and each
146
+ Contributor provides its Contributions) on an "AS IS" BASIS,
147
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
148
+ implied, including, without limitation, any warranties or conditions
149
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
150
+ PARTICULAR PURPOSE. You are solely responsible for determining the
151
+ appropriateness of using or redistributing the Work and assume any
152
+ risks associated with Your exercise of permissions under this License.
153
+
154
+ 8. Limitation of Liability. In no event and under no legal theory,
155
+ whether in tort (including negligence), contract, or otherwise,
156
+ unless required by applicable law (such as deliberate and grossly
157
+ negligent acts) or agreed to in writing, shall any Contributor be
158
+ liable to You for damages, including any direct, indirect, special,
159
+ incidental, or consequential damages of any character arising as a
160
+ result of this License or out of the use or inability to use the
161
+ Work (including but not limited to damages for loss of goodwill,
162
+ work stoppage, computer failure or malfunction, or any and all
163
+ other commercial damages or losses), even if such Contributor
164
+ has been advised of the possibility of such damages.
165
+
166
+ 9. Accepting Warranty or Additional Liability. While redistributing
167
+ the Work or Derivative Works thereof, You may choose to offer,
168
+ and charge a fee for, acceptance of support, warranty, indemnity,
169
+ or other liability obligations and/or rights consistent with this
170
+ License. However, in accepting such obligations, You may act only
171
+ on Your own behalf and on Your sole responsibility, not on behalf
172
+ of any other Contributor, and only if You agree to indemnify,
173
+ defend, and hold each Contributor harmless for any liability
174
+ incurred by, or claims asserted against, such Contributor by reason
175
+ of your accepting any such warranty or additional liability.
176
+
177
+ END OF TERMS AND CONDITIONS
178
+
179
+ APPENDIX: How to apply the Apache License to your work.
180
+
181
+ To apply the Apache License to your work, attach the following
182
+ boilerplate notice, with the fields enclosed by brackets "[]"
183
+ replaced with your own identifying information. (Don't include
184
+ the brackets!) The text should be enclosed in the appropriate
185
+ comment syntax for the file format. We also recommend that a
186
+ file or class name and description of purpose be included on the
187
+ same "printed page" as the copyright notice for easier
188
+ identification within third-party archives.
189
+
190
+ Copyright [yyyy] [name of copyright owner]
191
+
192
+ Licensed under the Apache License, Version 2.0 (the "License");
193
+ you may not use this file except in compliance with the License.
194
+ You may obtain a copy of the License at
195
+
196
+ http://www.apache.org/licenses/LICENSE-2.0
197
+
198
+ Unless required by applicable law or agreed to in writing, software
199
+ distributed under the License is distributed on an "AS IS" BASIS,
200
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
201
+ See the License for the specific language governing permissions and
202
+ limitations under the License.
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 1.7.0
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -48,6 +48,6 @@ require_relative 'aws-sdk-ssoadmin/customizations'
48
48
  # @!group service
49
49
  module Aws::SSOAdmin
50
50
 
51
- GEM_VERSION = '1.2.0'
51
+ GEM_VERSION = '1.7.0'
52
52
 
53
53
  end
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -461,6 +461,53 @@ module Aws::SSOAdmin
461
461
  req.send_request(options)
462
462
  end
463
463
 
464
+ # Enables the attributes-based access control (ABAC) feature for the
465
+ # specified AWS SSO instance. You can also specify new attributes to add
466
+ # to your ABAC configuration during the enabling process. For more
467
+ # information about ABAC, see [Attribute-Based Access
468
+ # Control](/singlesignon/latest/userguide/abac.html) in the *AWS SSO
469
+ # User Guide*.
470
+ #
471
+ # @option params [required, String] :instance_arn
472
+ # The ARN of the SSO instance under which the operation will be
473
+ # executed.
474
+ #
475
+ # @option params [required, Types::InstanceAccessControlAttributeConfiguration] :instance_access_control_attribute_configuration
476
+ # Specifies the AWS SSO identity store attributes to add to your ABAC
477
+ # configuration. When using an external identity provider as an identity
478
+ # source, you can pass attributes through the SAML assertion as an
479
+ # alternative to configuring attributes from the AWS SSO identity store.
480
+ # If a SAML assertion passes any of these attributes, AWS SSO will
481
+ # replace the attribute value with the value from the AWS SSO identity
482
+ # store.
483
+ #
484
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
485
+ #
486
+ # @example Request syntax with placeholder values
487
+ #
488
+ # resp = client.create_instance_access_control_attribute_configuration({
489
+ # instance_arn: "InstanceArn", # required
490
+ # instance_access_control_attribute_configuration: { # required
491
+ # access_control_attributes: [ # required
492
+ # {
493
+ # key: "AccessControlAttributeKey", # required
494
+ # value: { # required
495
+ # source: ["AccessControlAttributeValueSource"], # required
496
+ # },
497
+ # },
498
+ # ],
499
+ # },
500
+ # })
501
+ #
502
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateInstanceAccessControlAttributeConfiguration AWS API Documentation
503
+ #
504
+ # @overload create_instance_access_control_attribute_configuration(params = {})
505
+ # @param [Hash] params ({})
506
+ def create_instance_access_control_attribute_configuration(params = {}, options = {})
507
+ req = build_request(:create_instance_access_control_attribute_configuration, params)
508
+ req.send_request(options)
509
+ end
510
+
464
511
  # Creates a permission set within a specified SSO instance.
465
512
  #
466
513
  # <note markdown="1"> To grant users and groups access to AWS account resources, use `
@@ -626,6 +673,36 @@ module Aws::SSOAdmin
626
673
  req.send_request(options)
627
674
  end
628
675
 
676
+ # Disables the attributes-based access control (ABAC) feature for the
677
+ # specified AWS SSO instance and deletes all of the attribute mappings
678
+ # that have been configured. Once deleted, any attributes that are
679
+ # received from an identity source and any custom attributes you have
680
+ # previously configured will not be passed. For more information about
681
+ # ABAC, see [Attribute-Based Access
682
+ # Control](/singlesignon/latest/userguide/abac.html) in the *AWS SSO
683
+ # User Guide*.
684
+ #
685
+ # @option params [required, String] :instance_arn
686
+ # The ARN of the SSO instance under which the operation will be
687
+ # executed.
688
+ #
689
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
690
+ #
691
+ # @example Request syntax with placeholder values
692
+ #
693
+ # resp = client.delete_instance_access_control_attribute_configuration({
694
+ # instance_arn: "InstanceArn", # required
695
+ # })
696
+ #
697
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteInstanceAccessControlAttributeConfiguration AWS API Documentation
698
+ #
699
+ # @overload delete_instance_access_control_attribute_configuration(params = {})
700
+ # @param [Hash] params ({})
701
+ def delete_instance_access_control_attribute_configuration(params = {}, options = {})
702
+ req = build_request(:delete_instance_access_control_attribute_configuration, params)
703
+ req.send_request(options)
704
+ end
705
+
629
706
  # Deletes the specified permission set.
630
707
  #
631
708
  # @option params [required, String] :instance_arn
@@ -744,6 +821,48 @@ module Aws::SSOAdmin
744
821
  req.send_request(options)
745
822
  end
746
823
 
824
+ # Returns the list of AWS SSO identity store attributes that have been
825
+ # configured to work with attributes-based access control (ABAC) for the
826
+ # specified AWS SSO instance. This will not return attributes configured
827
+ # and sent by an external identity provider. For more information about
828
+ # ABAC, see [Attribute-Based Access
829
+ # Control](/singlesignon/latest/userguide/abac.html) in the *AWS SSO
830
+ # User Guide*.
831
+ #
832
+ # @option params [required, String] :instance_arn
833
+ # The ARN of the SSO instance under which the operation will be
834
+ # executed.
835
+ #
836
+ # @return [Types::DescribeInstanceAccessControlAttributeConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
837
+ #
838
+ # * {Types::DescribeInstanceAccessControlAttributeConfigurationResponse#status #status} => String
839
+ # * {Types::DescribeInstanceAccessControlAttributeConfigurationResponse#status_reason #status_reason} => String
840
+ # * {Types::DescribeInstanceAccessControlAttributeConfigurationResponse#instance_access_control_attribute_configuration #instance_access_control_attribute_configuration} => Types::InstanceAccessControlAttributeConfiguration
841
+ #
842
+ # @example Request syntax with placeholder values
843
+ #
844
+ # resp = client.describe_instance_access_control_attribute_configuration({
845
+ # instance_arn: "InstanceArn", # required
846
+ # })
847
+ #
848
+ # @example Response structure
849
+ #
850
+ # resp.status #=> String, one of "ENABLED", "CREATION_IN_PROGRESS", "CREATION_FAILED"
851
+ # resp.status_reason #=> String
852
+ # resp.instance_access_control_attribute_configuration.access_control_attributes #=> Array
853
+ # resp.instance_access_control_attribute_configuration.access_control_attributes[0].key #=> String
854
+ # resp.instance_access_control_attribute_configuration.access_control_attributes[0].value.source #=> Array
855
+ # resp.instance_access_control_attribute_configuration.access_control_attributes[0].value.source[0] #=> String
856
+ #
857
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeInstanceAccessControlAttributeConfiguration AWS API Documentation
858
+ #
859
+ # @overload describe_instance_access_control_attribute_configuration(params = {})
860
+ # @param [Hash] params ({})
861
+ def describe_instance_access_control_attribute_configuration(params = {}, options = {})
862
+ req = build_request(:describe_instance_access_control_attribute_configuration, params)
863
+ req.send_request(options)
864
+ end
865
+
747
866
  # Gets the details of the permission set.
748
867
  #
749
868
  # @option params [required, String] :instance_arn
@@ -1582,6 +1701,51 @@ module Aws::SSOAdmin
1582
1701
  req.send_request(options)
1583
1702
  end
1584
1703
 
1704
+ # Updates the AWS SSO identity store attributes to use with the AWS SSO
1705
+ # instance for attributes-based access control (ABAC). When using an
1706
+ # external identity provider as an identity source, you can pass
1707
+ # attributes through the SAML assertion as an alternative to configuring
1708
+ # attributes from the AWS SSO identity store. If a SAML assertion passes
1709
+ # any of these attributes, AWS SSO will replace the attribute value with
1710
+ # the value from the AWS SSO identity store. For more information about
1711
+ # ABAC, see [Attribute-Based Access
1712
+ # Control](/singlesignon/latest/userguide/abac.html) in the *AWS SSO
1713
+ # User Guide*.
1714
+ #
1715
+ # @option params [required, String] :instance_arn
1716
+ # The ARN of the SSO instance under which the operation will be
1717
+ # executed.
1718
+ #
1719
+ # @option params [required, Types::InstanceAccessControlAttributeConfiguration] :instance_access_control_attribute_configuration
1720
+ # Updates the attributes for your ABAC configuration.
1721
+ #
1722
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1723
+ #
1724
+ # @example Request syntax with placeholder values
1725
+ #
1726
+ # resp = client.update_instance_access_control_attribute_configuration({
1727
+ # instance_arn: "InstanceArn", # required
1728
+ # instance_access_control_attribute_configuration: { # required
1729
+ # access_control_attributes: [ # required
1730
+ # {
1731
+ # key: "AccessControlAttributeKey", # required
1732
+ # value: { # required
1733
+ # source: ["AccessControlAttributeValueSource"], # required
1734
+ # },
1735
+ # },
1736
+ # ],
1737
+ # },
1738
+ # })
1739
+ #
1740
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdateInstanceAccessControlAttributeConfiguration AWS API Documentation
1741
+ #
1742
+ # @overload update_instance_access_control_attribute_configuration(params = {})
1743
+ # @param [Hash] params ({})
1744
+ def update_instance_access_control_attribute_configuration(params = {}, options = {})
1745
+ req = build_request(:update_instance_access_control_attribute_configuration, params)
1746
+ req.send_request(options)
1747
+ end
1748
+
1585
1749
  # Updates an existing permission set.
1586
1750
  #
1587
1751
  # @option params [required, String] :instance_arn
@@ -1639,7 +1803,7 @@ module Aws::SSOAdmin
1639
1803
  params: params,
1640
1804
  config: config)
1641
1805
  context[:gem_name] = 'aws-sdk-ssoadmin'
1642
- context[:gem_version] = '1.2.0'
1806
+ context[:gem_version] = '1.7.0'
1643
1807
  Seahorse::Client::Request.new(handlers, context)
1644
1808
  end
1645
1809
 
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -13,6 +13,12 @@ module Aws::SSOAdmin
13
13
 
14
14
  include Seahorse::Model
15
15
 
16
+ AccessControlAttribute = Shapes::StructureShape.new(name: 'AccessControlAttribute')
17
+ AccessControlAttributeKey = Shapes::StringShape.new(name: 'AccessControlAttributeKey')
18
+ AccessControlAttributeList = Shapes::ListShape.new(name: 'AccessControlAttributeList')
19
+ AccessControlAttributeValue = Shapes::StructureShape.new(name: 'AccessControlAttributeValue')
20
+ AccessControlAttributeValueSource = Shapes::StringShape.new(name: 'AccessControlAttributeValueSource')
21
+ AccessControlAttributeValueSourceList = Shapes::ListShape.new(name: 'AccessControlAttributeValueSourceList')
16
22
  AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
17
23
  AccessDeniedExceptionMessage = Shapes::StringShape.new(name: 'AccessDeniedExceptionMessage')
18
24
  AccountAssignment = Shapes::StructureShape.new(name: 'AccountAssignment')
@@ -30,6 +36,8 @@ module Aws::SSOAdmin
30
36
  ConflictExceptionMessage = Shapes::StringShape.new(name: 'ConflictExceptionMessage')
31
37
  CreateAccountAssignmentRequest = Shapes::StructureShape.new(name: 'CreateAccountAssignmentRequest')
32
38
  CreateAccountAssignmentResponse = Shapes::StructureShape.new(name: 'CreateAccountAssignmentResponse')
39
+ CreateInstanceAccessControlAttributeConfigurationRequest = Shapes::StructureShape.new(name: 'CreateInstanceAccessControlAttributeConfigurationRequest')
40
+ CreateInstanceAccessControlAttributeConfigurationResponse = Shapes::StructureShape.new(name: 'CreateInstanceAccessControlAttributeConfigurationResponse')
33
41
  CreatePermissionSetRequest = Shapes::StructureShape.new(name: 'CreatePermissionSetRequest')
34
42
  CreatePermissionSetResponse = Shapes::StructureShape.new(name: 'CreatePermissionSetResponse')
35
43
  Date = Shapes::TimestampShape.new(name: 'Date')
@@ -37,12 +45,16 @@ module Aws::SSOAdmin
37
45
  DeleteAccountAssignmentResponse = Shapes::StructureShape.new(name: 'DeleteAccountAssignmentResponse')
38
46
  DeleteInlinePolicyFromPermissionSetRequest = Shapes::StructureShape.new(name: 'DeleteInlinePolicyFromPermissionSetRequest')
39
47
  DeleteInlinePolicyFromPermissionSetResponse = Shapes::StructureShape.new(name: 'DeleteInlinePolicyFromPermissionSetResponse')
48
+ DeleteInstanceAccessControlAttributeConfigurationRequest = Shapes::StructureShape.new(name: 'DeleteInstanceAccessControlAttributeConfigurationRequest')
49
+ DeleteInstanceAccessControlAttributeConfigurationResponse = Shapes::StructureShape.new(name: 'DeleteInstanceAccessControlAttributeConfigurationResponse')
40
50
  DeletePermissionSetRequest = Shapes::StructureShape.new(name: 'DeletePermissionSetRequest')
41
51
  DeletePermissionSetResponse = Shapes::StructureShape.new(name: 'DeletePermissionSetResponse')
42
52
  DescribeAccountAssignmentCreationStatusRequest = Shapes::StructureShape.new(name: 'DescribeAccountAssignmentCreationStatusRequest')
43
53
  DescribeAccountAssignmentCreationStatusResponse = Shapes::StructureShape.new(name: 'DescribeAccountAssignmentCreationStatusResponse')
44
54
  DescribeAccountAssignmentDeletionStatusRequest = Shapes::StructureShape.new(name: 'DescribeAccountAssignmentDeletionStatusRequest')
45
55
  DescribeAccountAssignmentDeletionStatusResponse = Shapes::StructureShape.new(name: 'DescribeAccountAssignmentDeletionStatusResponse')
56
+ DescribeInstanceAccessControlAttributeConfigurationRequest = Shapes::StructureShape.new(name: 'DescribeInstanceAccessControlAttributeConfigurationRequest')
57
+ DescribeInstanceAccessControlAttributeConfigurationResponse = Shapes::StructureShape.new(name: 'DescribeInstanceAccessControlAttributeConfigurationResponse')
46
58
  DescribePermissionSetProvisioningStatusRequest = Shapes::StructureShape.new(name: 'DescribePermissionSetProvisioningStatusRequest')
47
59
  DescribePermissionSetProvisioningStatusResponse = Shapes::StructureShape.new(name: 'DescribePermissionSetProvisioningStatusResponse')
48
60
  DescribePermissionSetRequest = Shapes::StructureShape.new(name: 'DescribePermissionSetRequest')
@@ -54,6 +66,9 @@ module Aws::SSOAdmin
54
66
  GetInlinePolicyForPermissionSetRequest = Shapes::StructureShape.new(name: 'GetInlinePolicyForPermissionSetRequest')
55
67
  GetInlinePolicyForPermissionSetResponse = Shapes::StructureShape.new(name: 'GetInlinePolicyForPermissionSetResponse')
56
68
  Id = Shapes::StringShape.new(name: 'Id')
69
+ InstanceAccessControlAttributeConfiguration = Shapes::StructureShape.new(name: 'InstanceAccessControlAttributeConfiguration')
70
+ InstanceAccessControlAttributeConfigurationStatus = Shapes::StringShape.new(name: 'InstanceAccessControlAttributeConfigurationStatus')
71
+ InstanceAccessControlAttributeConfigurationStatusReason = Shapes::StringShape.new(name: 'InstanceAccessControlAttributeConfigurationStatusReason')
57
72
  InstanceArn = Shapes::StringShape.new(name: 'InstanceArn')
58
73
  InstanceList = Shapes::ListShape.new(name: 'InstanceList')
59
74
  InstanceMetadata = Shapes::StructureShape.new(name: 'InstanceMetadata')
@@ -122,11 +137,24 @@ module Aws::SSOAdmin
122
137
  UUId = Shapes::StringShape.new(name: 'UUId')
123
138
  UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
124
139
  UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
140
+ UpdateInstanceAccessControlAttributeConfigurationRequest = Shapes::StructureShape.new(name: 'UpdateInstanceAccessControlAttributeConfigurationRequest')
141
+ UpdateInstanceAccessControlAttributeConfigurationResponse = Shapes::StructureShape.new(name: 'UpdateInstanceAccessControlAttributeConfigurationResponse')
125
142
  UpdatePermissionSetRequest = Shapes::StructureShape.new(name: 'UpdatePermissionSetRequest')
126
143
  UpdatePermissionSetResponse = Shapes::StructureShape.new(name: 'UpdatePermissionSetResponse')
127
144
  ValidationException = Shapes::StructureShape.new(name: 'ValidationException')
128
145
  ValidationExceptionMessage = Shapes::StringShape.new(name: 'ValidationExceptionMessage')
129
146
 
147
+ AccessControlAttribute.add_member(:key, Shapes::ShapeRef.new(shape: AccessControlAttributeKey, required: true, location_name: "Key"))
148
+ AccessControlAttribute.add_member(:value, Shapes::ShapeRef.new(shape: AccessControlAttributeValue, required: true, location_name: "Value"))
149
+ AccessControlAttribute.struct_class = Types::AccessControlAttribute
150
+
151
+ AccessControlAttributeList.member = Shapes::ShapeRef.new(shape: AccessControlAttribute)
152
+
153
+ AccessControlAttributeValue.add_member(:source, Shapes::ShapeRef.new(shape: AccessControlAttributeValueSourceList, required: true, location_name: "Source"))
154
+ AccessControlAttributeValue.struct_class = Types::AccessControlAttributeValue
155
+
156
+ AccessControlAttributeValueSourceList.member = Shapes::ShapeRef.new(shape: AccessControlAttributeValueSource)
157
+
130
158
  AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: AccessDeniedExceptionMessage, location_name: "Message"))
131
159
  AccessDeniedException.struct_class = Types::AccessDeniedException
132
160
 
@@ -185,6 +213,12 @@ module Aws::SSOAdmin
185
213
  CreateAccountAssignmentResponse.add_member(:account_assignment_creation_status, Shapes::ShapeRef.new(shape: AccountAssignmentOperationStatus, location_name: "AccountAssignmentCreationStatus"))
186
214
  CreateAccountAssignmentResponse.struct_class = Types::CreateAccountAssignmentResponse
187
215
 
216
+ CreateInstanceAccessControlAttributeConfigurationRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
217
+ CreateInstanceAccessControlAttributeConfigurationRequest.add_member(:instance_access_control_attribute_configuration, Shapes::ShapeRef.new(shape: InstanceAccessControlAttributeConfiguration, required: true, location_name: "InstanceAccessControlAttributeConfiguration"))
218
+ CreateInstanceAccessControlAttributeConfigurationRequest.struct_class = Types::CreateInstanceAccessControlAttributeConfigurationRequest
219
+
220
+ CreateInstanceAccessControlAttributeConfigurationResponse.struct_class = Types::CreateInstanceAccessControlAttributeConfigurationResponse
221
+
188
222
  CreatePermissionSetRequest.add_member(:name, Shapes::ShapeRef.new(shape: PermissionSetName, required: true, location_name: "Name"))
189
223
  CreatePermissionSetRequest.add_member(:description, Shapes::ShapeRef.new(shape: PermissionSetDescription, location_name: "Description"))
190
224
  CreatePermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
@@ -213,6 +247,11 @@ module Aws::SSOAdmin
213
247
 
214
248
  DeleteInlinePolicyFromPermissionSetResponse.struct_class = Types::DeleteInlinePolicyFromPermissionSetResponse
215
249
 
250
+ DeleteInstanceAccessControlAttributeConfigurationRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
251
+ DeleteInstanceAccessControlAttributeConfigurationRequest.struct_class = Types::DeleteInstanceAccessControlAttributeConfigurationRequest
252
+
253
+ DeleteInstanceAccessControlAttributeConfigurationResponse.struct_class = Types::DeleteInstanceAccessControlAttributeConfigurationResponse
254
+
216
255
  DeletePermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
217
256
  DeletePermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
218
257
  DeletePermissionSetRequest.struct_class = Types::DeletePermissionSetRequest
@@ -233,6 +272,14 @@ module Aws::SSOAdmin
233
272
  DescribeAccountAssignmentDeletionStatusResponse.add_member(:account_assignment_deletion_status, Shapes::ShapeRef.new(shape: AccountAssignmentOperationStatus, location_name: "AccountAssignmentDeletionStatus"))
234
273
  DescribeAccountAssignmentDeletionStatusResponse.struct_class = Types::DescribeAccountAssignmentDeletionStatusResponse
235
274
 
275
+ DescribeInstanceAccessControlAttributeConfigurationRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
276
+ DescribeInstanceAccessControlAttributeConfigurationRequest.struct_class = Types::DescribeInstanceAccessControlAttributeConfigurationRequest
277
+
278
+ DescribeInstanceAccessControlAttributeConfigurationResponse.add_member(:status, Shapes::ShapeRef.new(shape: InstanceAccessControlAttributeConfigurationStatus, location_name: "Status"))
279
+ DescribeInstanceAccessControlAttributeConfigurationResponse.add_member(:status_reason, Shapes::ShapeRef.new(shape: InstanceAccessControlAttributeConfigurationStatusReason, location_name: "StatusReason"))
280
+ DescribeInstanceAccessControlAttributeConfigurationResponse.add_member(:instance_access_control_attribute_configuration, Shapes::ShapeRef.new(shape: InstanceAccessControlAttributeConfiguration, location_name: "InstanceAccessControlAttributeConfiguration"))
281
+ DescribeInstanceAccessControlAttributeConfigurationResponse.struct_class = Types::DescribeInstanceAccessControlAttributeConfigurationResponse
282
+
236
283
  DescribePermissionSetProvisioningStatusRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
237
284
  DescribePermissionSetProvisioningStatusRequest.add_member(:provision_permission_set_request_id, Shapes::ShapeRef.new(shape: UUId, required: true, location_name: "ProvisionPermissionSetRequestId"))
238
285
  DescribePermissionSetProvisioningStatusRequest.struct_class = Types::DescribePermissionSetProvisioningStatusRequest
@@ -261,6 +308,9 @@ module Aws::SSOAdmin
261
308
  GetInlinePolicyForPermissionSetResponse.add_member(:inline_policy, Shapes::ShapeRef.new(shape: PermissionSetPolicyDocument, location_name: "InlinePolicy"))
262
309
  GetInlinePolicyForPermissionSetResponse.struct_class = Types::GetInlinePolicyForPermissionSetResponse
263
310
 
311
+ InstanceAccessControlAttributeConfiguration.add_member(:access_control_attributes, Shapes::ShapeRef.new(shape: AccessControlAttributeList, required: true, location_name: "AccessControlAttributes"))
312
+ InstanceAccessControlAttributeConfiguration.struct_class = Types::InstanceAccessControlAttributeConfiguration
313
+
264
314
  InstanceList.member = Shapes::ShapeRef.new(shape: InstanceMetadata)
265
315
 
266
316
  InstanceMetadata.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, location_name: "InstanceArn"))
@@ -444,6 +494,12 @@ module Aws::SSOAdmin
444
494
 
445
495
  UntagResourceResponse.struct_class = Types::UntagResourceResponse
446
496
 
497
+ UpdateInstanceAccessControlAttributeConfigurationRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
498
+ UpdateInstanceAccessControlAttributeConfigurationRequest.add_member(:instance_access_control_attribute_configuration, Shapes::ShapeRef.new(shape: InstanceAccessControlAttributeConfiguration, required: true, location_name: "InstanceAccessControlAttributeConfiguration"))
499
+ UpdateInstanceAccessControlAttributeConfigurationRequest.struct_class = Types::UpdateInstanceAccessControlAttributeConfigurationRequest
500
+
501
+ UpdateInstanceAccessControlAttributeConfigurationResponse.struct_class = Types::UpdateInstanceAccessControlAttributeConfigurationResponse
502
+
447
503
  UpdatePermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
448
504
  UpdatePermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
449
505
  UpdatePermissionSetRequest.add_member(:description, Shapes::ShapeRef.new(shape: PermissionSetDescription, location_name: "Description"))
@@ -506,6 +562,20 @@ module Aws::SSOAdmin
506
562
  o.errors << Shapes::ShapeRef.new(shape: ConflictException)
507
563
  end)
508
564
 
565
+ api.add_operation(:create_instance_access_control_attribute_configuration, Seahorse::Model::Operation.new.tap do |o|
566
+ o.name = "CreateInstanceAccessControlAttributeConfiguration"
567
+ o.http_method = "POST"
568
+ o.http_request_uri = "/"
569
+ o.input = Shapes::ShapeRef.new(shape: CreateInstanceAccessControlAttributeConfigurationRequest)
570
+ o.output = Shapes::ShapeRef.new(shape: CreateInstanceAccessControlAttributeConfigurationResponse)
571
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
572
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
573
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
574
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
575
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
576
+ o.errors << Shapes::ShapeRef.new(shape: ConflictException)
577
+ end)
578
+
509
579
  api.add_operation(:create_permission_set, Seahorse::Model::Operation.new.tap do |o|
510
580
  o.name = "CreatePermissionSet"
511
581
  o.http_method = "POST"
@@ -549,6 +619,20 @@ module Aws::SSOAdmin
549
619
  o.errors << Shapes::ShapeRef.new(shape: ConflictException)
550
620
  end)
551
621
 
622
+ api.add_operation(:delete_instance_access_control_attribute_configuration, Seahorse::Model::Operation.new.tap do |o|
623
+ o.name = "DeleteInstanceAccessControlAttributeConfiguration"
624
+ o.http_method = "POST"
625
+ o.http_request_uri = "/"
626
+ o.input = Shapes::ShapeRef.new(shape: DeleteInstanceAccessControlAttributeConfigurationRequest)
627
+ o.output = Shapes::ShapeRef.new(shape: DeleteInstanceAccessControlAttributeConfigurationResponse)
628
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
629
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
630
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
631
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
632
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
633
+ o.errors << Shapes::ShapeRef.new(shape: ConflictException)
634
+ end)
635
+
552
636
  api.add_operation(:delete_permission_set, Seahorse::Model::Operation.new.tap do |o|
553
637
  o.name = "DeletePermissionSet"
554
638
  o.http_method = "POST"
@@ -589,6 +673,19 @@ module Aws::SSOAdmin
589
673
  o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
590
674
  end)
591
675
 
676
+ api.add_operation(:describe_instance_access_control_attribute_configuration, Seahorse::Model::Operation.new.tap do |o|
677
+ o.name = "DescribeInstanceAccessControlAttributeConfiguration"
678
+ o.http_method = "POST"
679
+ o.http_request_uri = "/"
680
+ o.input = Shapes::ShapeRef.new(shape: DescribeInstanceAccessControlAttributeConfigurationRequest)
681
+ o.output = Shapes::ShapeRef.new(shape: DescribeInstanceAccessControlAttributeConfigurationResponse)
682
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
683
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
684
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
685
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
686
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
687
+ end)
688
+
592
689
  api.add_operation(:describe_permission_set, Seahorse::Model::Operation.new.tap do |o|
593
690
  o.name = "DescribePermissionSet"
594
691
  o.http_method = "POST"
@@ -888,6 +985,20 @@ module Aws::SSOAdmin
888
985
  o.errors << Shapes::ShapeRef.new(shape: ConflictException)
889
986
  end)
890
987
 
988
+ api.add_operation(:update_instance_access_control_attribute_configuration, Seahorse::Model::Operation.new.tap do |o|
989
+ o.name = "UpdateInstanceAccessControlAttributeConfiguration"
990
+ o.http_method = "POST"
991
+ o.http_request_uri = "/"
992
+ o.input = Shapes::ShapeRef.new(shape: UpdateInstanceAccessControlAttributeConfigurationRequest)
993
+ o.output = Shapes::ShapeRef.new(shape: UpdateInstanceAccessControlAttributeConfigurationResponse)
994
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
995
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
996
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
997
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
998
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
999
+ o.errors << Shapes::ShapeRef.new(shape: ConflictException)
1000
+ end)
1001
+
891
1002
  api.add_operation(:update_permission_set, Seahorse::Model::Operation.new.tap do |o|
892
1003
  o.name = "UpdatePermissionSet"
893
1004
  o.http_method = "POST"
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -3,13 +3,73 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
10
10
  module Aws::SSOAdmin
11
11
  module Types
12
12
 
13
+ # These are AWS SSO identity store attributes that you can configure for
14
+ # use in attributes-based access control (ABAC). You can create
15
+ # permission policies that determine who can access your AWS resources
16
+ # based upon the configured attribute value(s). When you enable ABAC and
17
+ # specify AccessControlAttributes, AWS SSO passes the attribute(s) value
18
+ # of the authenticated user into IAM for use in policy evaluation.
19
+ #
20
+ # @note When making an API call, you may pass AccessControlAttribute
21
+ # data as a hash:
22
+ #
23
+ # {
24
+ # key: "AccessControlAttributeKey", # required
25
+ # value: { # required
26
+ # source: ["AccessControlAttributeValueSource"], # required
27
+ # },
28
+ # }
29
+ #
30
+ # @!attribute [rw] key
31
+ # The name of the attribute associated with your identities in your
32
+ # identity source. This is used to map a specified attribute in your
33
+ # identity source with an attribute in AWS SSO.
34
+ # @return [String]
35
+ #
36
+ # @!attribute [rw] value
37
+ # The value used for mapping a specified attribute to an identity
38
+ # source.
39
+ # @return [Types::AccessControlAttributeValue]
40
+ #
41
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccessControlAttribute AWS API Documentation
42
+ #
43
+ class AccessControlAttribute < Struct.new(
44
+ :key,
45
+ :value)
46
+ SENSITIVE = []
47
+ include Aws::Structure
48
+ end
49
+
50
+ # The value used for mapping a specified attribute to an identity
51
+ # source.
52
+ #
53
+ # @note When making an API call, you may pass AccessControlAttributeValue
54
+ # data as a hash:
55
+ #
56
+ # {
57
+ # source: ["AccessControlAttributeValueSource"], # required
58
+ # }
59
+ #
60
+ # @!attribute [rw] source
61
+ # The identity source to use when mapping a specified attribute to AWS
62
+ # SSO.
63
+ # @return [Array<String>]
64
+ #
65
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccessControlAttributeValue AWS API Documentation
66
+ #
67
+ class AccessControlAttributeValue < Struct.new(
68
+ :source)
69
+ SENSITIVE = []
70
+ include Aws::Structure
71
+ end
72
+
13
73
  # You do not have sufficient access to perform this action.
14
74
  #
15
75
  # @!attribute [rw] message
@@ -305,6 +365,51 @@ module Aws::SSOAdmin
305
365
  include Aws::Structure
306
366
  end
307
367
 
368
+ # @note When making an API call, you may pass CreateInstanceAccessControlAttributeConfigurationRequest
369
+ # data as a hash:
370
+ #
371
+ # {
372
+ # instance_arn: "InstanceArn", # required
373
+ # instance_access_control_attribute_configuration: { # required
374
+ # access_control_attributes: [ # required
375
+ # {
376
+ # key: "AccessControlAttributeKey", # required
377
+ # value: { # required
378
+ # source: ["AccessControlAttributeValueSource"], # required
379
+ # },
380
+ # },
381
+ # ],
382
+ # },
383
+ # }
384
+ #
385
+ # @!attribute [rw] instance_arn
386
+ # The ARN of the SSO instance under which the operation will be
387
+ # executed.
388
+ # @return [String]
389
+ #
390
+ # @!attribute [rw] instance_access_control_attribute_configuration
391
+ # Specifies the AWS SSO identity store attributes to add to your ABAC
392
+ # configuration. When using an external identity provider as an
393
+ # identity source, you can pass attributes through the SAML assertion
394
+ # as an alternative to configuring attributes from the AWS SSO
395
+ # identity store. If a SAML assertion passes any of these attributes,
396
+ # AWS SSO will replace the attribute value with the value from the AWS
397
+ # SSO identity store.
398
+ # @return [Types::InstanceAccessControlAttributeConfiguration]
399
+ #
400
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
401
+ #
402
+ class CreateInstanceAccessControlAttributeConfigurationRequest < Struct.new(
403
+ :instance_arn,
404
+ :instance_access_control_attribute_configuration)
405
+ SENSITIVE = []
406
+ include Aws::Structure
407
+ end
408
+
409
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateInstanceAccessControlAttributeConfigurationResponse AWS API Documentation
410
+ #
411
+ class CreateInstanceAccessControlAttributeConfigurationResponse < Aws::EmptyStructure; end
412
+
308
413
  # @note When making an API call, you may pass CreatePermissionSetRequest
309
414
  # data as a hash:
310
415
  #
@@ -480,6 +585,30 @@ module Aws::SSOAdmin
480
585
  #
481
586
  class DeleteInlinePolicyFromPermissionSetResponse < Aws::EmptyStructure; end
482
587
 
588
+ # @note When making an API call, you may pass DeleteInstanceAccessControlAttributeConfigurationRequest
589
+ # data as a hash:
590
+ #
591
+ # {
592
+ # instance_arn: "InstanceArn", # required
593
+ # }
594
+ #
595
+ # @!attribute [rw] instance_arn
596
+ # The ARN of the SSO instance under which the operation will be
597
+ # executed.
598
+ # @return [String]
599
+ #
600
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
601
+ #
602
+ class DeleteInstanceAccessControlAttributeConfigurationRequest < Struct.new(
603
+ :instance_arn)
604
+ SENSITIVE = []
605
+ include Aws::Structure
606
+ end
607
+
608
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteInstanceAccessControlAttributeConfigurationResponse AWS API Documentation
609
+ #
610
+ class DeleteInstanceAccessControlAttributeConfigurationResponse < Aws::EmptyStructure; end
611
+
483
612
  # @note When making an API call, you may pass DeletePermissionSetRequest
484
613
  # data as a hash:
485
614
  #
@@ -595,6 +724,50 @@ module Aws::SSOAdmin
595
724
  include Aws::Structure
596
725
  end
597
726
 
727
+ # @note When making an API call, you may pass DescribeInstanceAccessControlAttributeConfigurationRequest
728
+ # data as a hash:
729
+ #
730
+ # {
731
+ # instance_arn: "InstanceArn", # required
732
+ # }
733
+ #
734
+ # @!attribute [rw] instance_arn
735
+ # The ARN of the SSO instance under which the operation will be
736
+ # executed.
737
+ # @return [String]
738
+ #
739
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
740
+ #
741
+ class DescribeInstanceAccessControlAttributeConfigurationRequest < Struct.new(
742
+ :instance_arn)
743
+ SENSITIVE = []
744
+ include Aws::Structure
745
+ end
746
+
747
+ # @!attribute [rw] status
748
+ # The status of the attribute configuration process.
749
+ # @return [String]
750
+ #
751
+ # @!attribute [rw] status_reason
752
+ # Provides more details about the current status of the specified
753
+ # attribute.
754
+ # @return [String]
755
+ #
756
+ # @!attribute [rw] instance_access_control_attribute_configuration
757
+ # Gets the list of AWS SSO identity store attributes added to your
758
+ # ABAC configuration.
759
+ # @return [Types::InstanceAccessControlAttributeConfiguration]
760
+ #
761
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeInstanceAccessControlAttributeConfigurationResponse AWS API Documentation
762
+ #
763
+ class DescribeInstanceAccessControlAttributeConfigurationResponse < Struct.new(
764
+ :status,
765
+ :status_reason,
766
+ :instance_access_control_attribute_configuration)
767
+ SENSITIVE = []
768
+ include Aws::Structure
769
+ end
770
+
598
771
  # @note When making an API call, you may pass DescribePermissionSetProvisioningStatusRequest
599
772
  # data as a hash:
600
773
  #
@@ -759,6 +932,36 @@ module Aws::SSOAdmin
759
932
  include Aws::Structure
760
933
  end
761
934
 
935
+ # Specifies the attributes to add to your attribute-based access control
936
+ # (ABAC) configuration.
937
+ #
938
+ # @note When making an API call, you may pass InstanceAccessControlAttributeConfiguration
939
+ # data as a hash:
940
+ #
941
+ # {
942
+ # access_control_attributes: [ # required
943
+ # {
944
+ # key: "AccessControlAttributeKey", # required
945
+ # value: { # required
946
+ # source: ["AccessControlAttributeValueSource"], # required
947
+ # },
948
+ # },
949
+ # ],
950
+ # }
951
+ #
952
+ # @!attribute [rw] access_control_attributes
953
+ # Lists the attributes that are configured for ABAC in the specified
954
+ # AWS SSO instance.
955
+ # @return [Array<Types::AccessControlAttribute>]
956
+ #
957
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/InstanceAccessControlAttributeConfiguration AWS API Documentation
958
+ #
959
+ class InstanceAccessControlAttributeConfiguration < Struct.new(
960
+ :access_control_attributes)
961
+ SENSITIVE = []
962
+ include Aws::Structure
963
+ end
964
+
762
965
  # Provides information about the SSO instance.
763
966
  #
764
967
  # @!attribute [rw] instance_arn
@@ -1779,6 +1982,45 @@ module Aws::SSOAdmin
1779
1982
  #
1780
1983
  class UntagResourceResponse < Aws::EmptyStructure; end
1781
1984
 
1985
+ # @note When making an API call, you may pass UpdateInstanceAccessControlAttributeConfigurationRequest
1986
+ # data as a hash:
1987
+ #
1988
+ # {
1989
+ # instance_arn: "InstanceArn", # required
1990
+ # instance_access_control_attribute_configuration: { # required
1991
+ # access_control_attributes: [ # required
1992
+ # {
1993
+ # key: "AccessControlAttributeKey", # required
1994
+ # value: { # required
1995
+ # source: ["AccessControlAttributeValueSource"], # required
1996
+ # },
1997
+ # },
1998
+ # ],
1999
+ # },
2000
+ # }
2001
+ #
2002
+ # @!attribute [rw] instance_arn
2003
+ # The ARN of the SSO instance under which the operation will be
2004
+ # executed.
2005
+ # @return [String]
2006
+ #
2007
+ # @!attribute [rw] instance_access_control_attribute_configuration
2008
+ # Updates the attributes for your ABAC configuration.
2009
+ # @return [Types::InstanceAccessControlAttributeConfiguration]
2010
+ #
2011
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdateInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
2012
+ #
2013
+ class UpdateInstanceAccessControlAttributeConfigurationRequest < Struct.new(
2014
+ :instance_arn,
2015
+ :instance_access_control_attribute_configuration)
2016
+ SENSITIVE = []
2017
+ include Aws::Structure
2018
+ end
2019
+
2020
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdateInstanceAccessControlAttributeConfigurationResponse AWS API Documentation
2021
+ #
2022
+ class UpdateInstanceAccessControlAttributeConfigurationResponse < Aws::EmptyStructure; end
2023
+
1782
2024
  # @note When making an API call, you may pass UpdatePermissionSetRequest
1783
2025
  # data as a hash:
1784
2026
  #
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-ssoadmin
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.0
4
+ version: 1.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-18 00:00:00.000000000 Z
11
+ date: 2021-03-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: '3'
20
20
  - - ">="
21
21
  - !ruby/object:Gem::Version
22
- version: 3.99.0
22
+ version: 3.112.0
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: '3'
30
30
  - - ">="
31
31
  - !ruby/object:Gem::Version
32
- version: 3.99.0
32
+ version: 3.112.0
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: aws-sigv4
35
35
  requirement: !ruby/object:Gem::Requirement
@@ -47,11 +47,14 @@ dependencies:
47
47
  description: Official AWS Ruby gem for AWS Single Sign-On Admin (SSO Admin). This
48
48
  gem is part of the AWS SDK for Ruby.
49
49
  email:
50
- - trevrowe@amazon.com
50
+ - aws-dr-rubygems@amazon.com
51
51
  executables: []
52
52
  extensions: []
53
53
  extra_rdoc_files: []
54
54
  files:
55
+ - CHANGELOG.md
56
+ - LICENSE.txt
57
+ - VERSION
55
58
  - lib/aws-sdk-ssoadmin.rb
56
59
  - lib/aws-sdk-ssoadmin/client.rb
57
60
  - lib/aws-sdk-ssoadmin/client_api.rb