aws-sdk-ssoadmin 1.28.0 → 1.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -401,6 +401,11 @@ module Aws::SSOAdmin
401
401
  # Attaches the specified customer managed policy to the specified
402
402
  # PermissionSet.
403
403
  #
404
+ # @option params [required, Types::CustomerManagedPolicyReference] :customer_managed_policy_reference
405
+ # Specifies the name and path of a customer managed policy. You must
406
+ # have an IAM policy that matches the name and path in each Amazon Web
407
+ # Services account where you want to deploy your permission set.
408
+ #
404
409
  # @option params [required, String] :instance_arn
405
410
  # The ARN of the IAM Identity Center instance under which the operation
406
411
  # will be executed.
@@ -408,22 +413,17 @@ module Aws::SSOAdmin
408
413
  # @option params [required, String] :permission_set_arn
409
414
  # The ARN of the `PermissionSet`.
410
415
  #
411
- # @option params [required, Types::CustomerManagedPolicyReference] :customer_managed_policy_reference
412
- # Specifies the name and path of a customer managed policy. You must
413
- # have an IAM policy that matches the name and path in each AWS account
414
- # where you want to deploy your permission set.
415
- #
416
416
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
417
417
  #
418
418
  # @example Request syntax with placeholder values
419
419
  #
420
420
  # resp = client.attach_customer_managed_policy_reference_to_permission_set({
421
- # instance_arn: "InstanceArn", # required
422
- # permission_set_arn: "PermissionSetArn", # required
423
421
  # customer_managed_policy_reference: { # required
424
422
  # name: "ManagedPolicyName", # required
425
423
  # path: "ManagedPolicyPath",
426
424
  # },
425
+ # instance_arn: "InstanceArn", # required
426
+ # permission_set_arn: "PermissionSetArn", # required
427
427
  # })
428
428
  #
429
429
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachCustomerManagedPolicyReferenceToPermissionSet AWS API Documentation
@@ -435,7 +435,8 @@ module Aws::SSOAdmin
435
435
  req.send_request(options)
436
436
  end
437
437
 
438
- # Attaches an AWS managed policy ARN to a permission set.
438
+ # Attaches an Amazon Web Services managed policy ARN to a permission
439
+ # set.
439
440
  #
440
441
  # <note markdown="1"> If the permission set is already referenced by one or more account
441
442
  # assignments, you will need to call ` ProvisionPermissionSet ` after
@@ -447,25 +448,26 @@ module Aws::SSOAdmin
447
448
  # @option params [required, String] :instance_arn
448
449
  # The ARN of the IAM Identity Center instance under which the operation
449
450
  # will be executed. For more information about ARNs, see [Amazon
450
- # Resource Names (ARNs) and AWS Service
451
+ # Resource Names (ARNs) and Amazon Web Services Service
451
452
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
452
- # *AWS General Reference*.
453
+ # *Amazon Web Services General Reference*.
454
+ #
455
+ # @option params [required, String] :managed_policy_arn
456
+ # The Amazon Web Services managed policy ARN to be attached to a
457
+ # permission set.
453
458
  #
454
459
  # @option params [required, String] :permission_set_arn
455
460
  # The ARN of the PermissionSet that the managed policy should be
456
461
  # attached to.
457
462
  #
458
- # @option params [required, String] :managed_policy_arn
459
- # The AWS managed policy ARN to be attached to a permission set.
460
- #
461
463
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
462
464
  #
463
465
  # @example Request syntax with placeholder values
464
466
  #
465
467
  # resp = client.attach_managed_policy_to_permission_set({
466
468
  # instance_arn: "InstanceArn", # required
467
- # permission_set_arn: "PermissionSetArn", # required
468
469
  # managed_policy_arn: "ManagedPolicyArn", # required
470
+ # permission_set_arn: "PermissionSetArn", # required
469
471
  # })
470
472
  #
471
473
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachManagedPolicyToPermissionSet AWS API Documentation
@@ -477,8 +479,8 @@ module Aws::SSOAdmin
477
479
  req.send_request(options)
478
480
  end
479
481
 
480
- # Assigns access to a principal for a specified AWS account using a
481
- # specified permission set.
482
+ # Assigns access to a principal for a specified Amazon Web Services
483
+ # account using a specified permission set.
482
484
  #
483
485
  # <note markdown="1"> The term *principal* here refers to a user or group that is defined in
484
486
  # IAM Identity Center.
@@ -504,24 +506,14 @@ module Aws::SSOAdmin
504
506
  # @option params [required, String] :instance_arn
505
507
  # The ARN of the IAM Identity Center instance under which the operation
506
508
  # will be executed. For more information about ARNs, see [Amazon
507
- # Resource Names (ARNs) and AWS Service
509
+ # Resource Names (ARNs) and Amazon Web Services Service
508
510
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
509
- # *AWS General Reference*.
510
- #
511
- # @option params [required, String] :target_id
512
- # TargetID is an AWS account identifier, typically a 10-12 digit string
513
- # (For example, 123456789012).
514
- #
515
- # @option params [required, String] :target_type
516
- # The entity type for which the assignment will be created.
511
+ # *Amazon Web Services General Reference*.
517
512
  #
518
513
  # @option params [required, String] :permission_set_arn
519
514
  # The ARN of the permission set that the admin wants to grant the
520
515
  # principal access to.
521
516
  #
522
- # @option params [required, String] :principal_type
523
- # The entity type for which the assignment will be created.
524
- #
525
517
  # @option params [required, String] :principal_id
526
518
  # An identifier for an object in IAM Identity Center, such as a user or
527
519
  # group. PrincipalIds are GUIDs (For example,
@@ -530,6 +522,16 @@ module Aws::SSOAdmin
530
522
  # Identity Store API
531
523
  # Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
532
524
  #
525
+ # @option params [required, String] :principal_type
526
+ # The entity type for which the assignment will be created.
527
+ #
528
+ # @option params [required, String] :target_id
529
+ # TargetID is an Amazon Web Services account identifier, (For example,
530
+ # 123456789012).
531
+ #
532
+ # @option params [required, String] :target_type
533
+ # The entity type for which the assignment will be created.
534
+ #
533
535
  # @return [Types::CreateAccountAssignmentResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
534
536
  #
535
537
  # * {Types::CreateAccountAssignmentResponse#account_assignment_creation_status #account_assignment_creation_status} => Types::AccountAssignmentOperationStatus
@@ -538,24 +540,24 @@ module Aws::SSOAdmin
538
540
  #
539
541
  # resp = client.create_account_assignment({
540
542
  # instance_arn: "InstanceArn", # required
541
- # target_id: "TargetId", # required
542
- # target_type: "AWS_ACCOUNT", # required, accepts AWS_ACCOUNT
543
543
  # permission_set_arn: "PermissionSetArn", # required
544
- # principal_type: "USER", # required, accepts USER, GROUP
545
544
  # principal_id: "PrincipalId", # required
545
+ # principal_type: "USER", # required, accepts USER, GROUP
546
+ # target_id: "TargetId", # required
547
+ # target_type: "AWS_ACCOUNT", # required, accepts AWS_ACCOUNT
546
548
  # })
547
549
  #
548
550
  # @example Response structure
549
551
  #
550
- # resp.account_assignment_creation_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
551
- # resp.account_assignment_creation_status.request_id #=> String
552
+ # resp.account_assignment_creation_status.created_date #=> Time
552
553
  # resp.account_assignment_creation_status.failure_reason #=> String
553
- # resp.account_assignment_creation_status.target_id #=> String
554
- # resp.account_assignment_creation_status.target_type #=> String, one of "AWS_ACCOUNT"
555
554
  # resp.account_assignment_creation_status.permission_set_arn #=> String
556
- # resp.account_assignment_creation_status.principal_type #=> String, one of "USER", "GROUP"
557
555
  # resp.account_assignment_creation_status.principal_id #=> String
558
- # resp.account_assignment_creation_status.created_date #=> Time
556
+ # resp.account_assignment_creation_status.principal_type #=> String, one of "USER", "GROUP"
557
+ # resp.account_assignment_creation_status.request_id #=> String
558
+ # resp.account_assignment_creation_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
559
+ # resp.account_assignment_creation_status.target_id #=> String
560
+ # resp.account_assignment_creation_status.target_type #=> String, one of "AWS_ACCOUNT"
559
561
  #
560
562
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateAccountAssignment AWS API Documentation
561
563
  #
@@ -579,10 +581,6 @@ module Aws::SSOAdmin
579
581
  #
580
582
  # </note>
581
583
  #
582
- # @option params [required, String] :instance_arn
583
- # The ARN of the IAM Identity Center instance under which the operation
584
- # will be executed.
585
- #
586
584
  # @option params [required, Types::InstanceAccessControlAttributeConfiguration] :instance_access_control_attribute_configuration
587
585
  # Specifies the IAM Identity Center identity store attributes to add to
588
586
  # your ABAC configuration. When using an external identity provider as
@@ -593,12 +591,15 @@ module Aws::SSOAdmin
593
591
  # attribute value with the value from the IAM Identity Center identity
594
592
  # store.
595
593
  #
594
+ # @option params [required, String] :instance_arn
595
+ # The ARN of the IAM Identity Center instance under which the operation
596
+ # will be executed.
597
+ #
596
598
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
597
599
  #
598
600
  # @example Request syntax with placeholder values
599
601
  #
600
602
  # resp = client.create_instance_access_control_attribute_configuration({
601
- # instance_arn: "InstanceArn", # required
602
603
  # instance_access_control_attribute_configuration: { # required
603
604
  # access_control_attributes: [ # required
604
605
  # {
@@ -609,6 +610,7 @@ module Aws::SSOAdmin
609
610
  # },
610
611
  # ],
611
612
  # },
613
+ # instance_arn: "InstanceArn", # required
612
614
  # })
613
615
  #
614
616
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateInstanceAccessControlAttributeConfiguration AWS API Documentation
@@ -623,32 +625,32 @@ module Aws::SSOAdmin
623
625
  # Creates a permission set within a specified IAM Identity Center
624
626
  # instance.
625
627
  #
626
- # <note markdown="1"> To grant users and groups access to AWS account resources, use `
627
- # CreateAccountAssignment `.
628
+ # <note markdown="1"> To grant users and groups access to Amazon Web Services account
629
+ # resources, use ` CreateAccountAssignment `.
628
630
  #
629
631
  # </note>
630
632
  #
631
- # @option params [required, String] :name
632
- # The name of the PermissionSet.
633
- #
634
633
  # @option params [String] :description
635
634
  # The description of the PermissionSet.
636
635
  #
637
636
  # @option params [required, String] :instance_arn
638
637
  # The ARN of the IAM Identity Center instance under which the operation
639
638
  # will be executed. For more information about ARNs, see [Amazon
640
- # Resource Names (ARNs) and AWS Service
639
+ # Resource Names (ARNs) and Amazon Web Services Service
641
640
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
642
- # *AWS General Reference*.
641
+ # *Amazon Web Services General Reference*.
643
642
  #
644
- # @option params [String] :session_duration
645
- # The length of time that the application user sessions are valid in the
646
- # ISO-8601 standard.
643
+ # @option params [required, String] :name
644
+ # The name of the PermissionSet.
647
645
  #
648
646
  # @option params [String] :relay_state
649
647
  # Used to redirect users within the application during the federation
650
648
  # authentication process.
651
649
  #
650
+ # @option params [String] :session_duration
651
+ # The length of time that the application user sessions are valid in the
652
+ # ISO-8601 standard.
653
+ #
652
654
  # @option params [Array<Types::Tag>] :tags
653
655
  # The tags to attach to the new PermissionSet.
654
656
  #
@@ -659,11 +661,11 @@ module Aws::SSOAdmin
659
661
  # @example Request syntax with placeholder values
660
662
  #
661
663
  # resp = client.create_permission_set({
662
- # name: "PermissionSetName", # required
663
664
  # description: "PermissionSetDescription",
664
665
  # instance_arn: "InstanceArn", # required
665
- # session_duration: "Duration",
666
+ # name: "PermissionSetName", # required
666
667
  # relay_state: "RelayState",
668
+ # session_duration: "Duration",
667
669
  # tags: [
668
670
  # {
669
671
  # key: "TagKey", # required
@@ -674,12 +676,12 @@ module Aws::SSOAdmin
674
676
  #
675
677
  # @example Response structure
676
678
  #
679
+ # resp.permission_set.created_date #=> Time
680
+ # resp.permission_set.description #=> String
677
681
  # resp.permission_set.name #=> String
678
682
  # resp.permission_set.permission_set_arn #=> String
679
- # resp.permission_set.description #=> String
680
- # resp.permission_set.created_date #=> Time
681
- # resp.permission_set.session_duration #=> String
682
683
  # resp.permission_set.relay_state #=> String
684
+ # resp.permission_set.session_duration #=> String
683
685
  #
684
686
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreatePermissionSet AWS API Documentation
685
687
  #
@@ -690,11 +692,11 @@ module Aws::SSOAdmin
690
692
  req.send_request(options)
691
693
  end
692
694
 
693
- # Deletes a principal's access from a specified AWS account using a
694
- # specified permission set.
695
+ # Deletes a principal's access from a specified Amazon Web Services
696
+ # account using a specified permission set.
695
697
  #
696
698
  # <note markdown="1"> After a successful response, call
697
- # `DescribeAccountAssignmentCreationStatus` to describe the status of an
699
+ # `DescribeAccountAssignmentDeletionStatus` to describe the status of an
698
700
  # assignment deletion request.
699
701
  #
700
702
  # </note>
@@ -702,23 +704,13 @@ module Aws::SSOAdmin
702
704
  # @option params [required, String] :instance_arn
703
705
  # The ARN of the IAM Identity Center instance under which the operation
704
706
  # will be executed. For more information about ARNs, see [Amazon
705
- # Resource Names (ARNs) and AWS Service
707
+ # Resource Names (ARNs) and Amazon Web Services Service
706
708
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
707
- # *AWS General Reference*.
708
- #
709
- # @option params [required, String] :target_id
710
- # TargetID is an AWS account identifier, typically a 10-12 digit string
711
- # (For example, 123456789012).
712
- #
713
- # @option params [required, String] :target_type
714
- # The entity type for which the assignment will be deleted.
709
+ # *Amazon Web Services General Reference*.
715
710
  #
716
711
  # @option params [required, String] :permission_set_arn
717
712
  # The ARN of the permission set that will be used to remove access.
718
713
  #
719
- # @option params [required, String] :principal_type
720
- # The entity type for which the assignment will be deleted.
721
- #
722
714
  # @option params [required, String] :principal_id
723
715
  # An identifier for an object in IAM Identity Center, such as a user or
724
716
  # group. PrincipalIds are GUIDs (For example,
@@ -727,6 +719,16 @@ module Aws::SSOAdmin
727
719
  # Identity Store API
728
720
  # Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
729
721
  #
722
+ # @option params [required, String] :principal_type
723
+ # The entity type for which the assignment will be deleted.
724
+ #
725
+ # @option params [required, String] :target_id
726
+ # TargetID is an Amazon Web Services account identifier, (For example,
727
+ # 123456789012).
728
+ #
729
+ # @option params [required, String] :target_type
730
+ # The entity type for which the assignment will be deleted.
731
+ #
730
732
  # @return [Types::DeleteAccountAssignmentResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
731
733
  #
732
734
  # * {Types::DeleteAccountAssignmentResponse#account_assignment_deletion_status #account_assignment_deletion_status} => Types::AccountAssignmentOperationStatus
@@ -735,24 +737,24 @@ module Aws::SSOAdmin
735
737
  #
736
738
  # resp = client.delete_account_assignment({
737
739
  # instance_arn: "InstanceArn", # required
738
- # target_id: "TargetId", # required
739
- # target_type: "AWS_ACCOUNT", # required, accepts AWS_ACCOUNT
740
740
  # permission_set_arn: "PermissionSetArn", # required
741
- # principal_type: "USER", # required, accepts USER, GROUP
742
741
  # principal_id: "PrincipalId", # required
742
+ # principal_type: "USER", # required, accepts USER, GROUP
743
+ # target_id: "TargetId", # required
744
+ # target_type: "AWS_ACCOUNT", # required, accepts AWS_ACCOUNT
743
745
  # })
744
746
  #
745
747
  # @example Response structure
746
748
  #
747
- # resp.account_assignment_deletion_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
748
- # resp.account_assignment_deletion_status.request_id #=> String
749
+ # resp.account_assignment_deletion_status.created_date #=> Time
749
750
  # resp.account_assignment_deletion_status.failure_reason #=> String
750
- # resp.account_assignment_deletion_status.target_id #=> String
751
- # resp.account_assignment_deletion_status.target_type #=> String, one of "AWS_ACCOUNT"
752
751
  # resp.account_assignment_deletion_status.permission_set_arn #=> String
753
- # resp.account_assignment_deletion_status.principal_type #=> String, one of "USER", "GROUP"
754
752
  # resp.account_assignment_deletion_status.principal_id #=> String
755
- # resp.account_assignment_deletion_status.created_date #=> Time
753
+ # resp.account_assignment_deletion_status.principal_type #=> String, one of "USER", "GROUP"
754
+ # resp.account_assignment_deletion_status.request_id #=> String
755
+ # resp.account_assignment_deletion_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
756
+ # resp.account_assignment_deletion_status.target_id #=> String
757
+ # resp.account_assignment_deletion_status.target_type #=> String, one of "AWS_ACCOUNT"
756
758
  #
757
759
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteAccountAssignment AWS API Documentation
758
760
  #
@@ -768,9 +770,9 @@ module Aws::SSOAdmin
768
770
  # @option params [required, String] :instance_arn
769
771
  # The ARN of the IAM Identity Center instance under which the operation
770
772
  # will be executed. For more information about ARNs, see [Amazon
771
- # Resource Names (ARNs) and AWS Service
773
+ # Resource Names (ARNs) and Amazon Web Services Service
772
774
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
773
- # *AWS General Reference*.
775
+ # *Amazon Web Services General Reference*.
774
776
  #
775
777
  # @option params [required, String] :permission_set_arn
776
778
  # The ARN of the permission set that will be used to remove access.
@@ -828,9 +830,9 @@ module Aws::SSOAdmin
828
830
  # @option params [required, String] :instance_arn
829
831
  # The ARN of the IAM Identity Center instance under which the operation
830
832
  # will be executed. For more information about ARNs, see [Amazon
831
- # Resource Names (ARNs) and AWS Service
833
+ # Resource Names (ARNs) and Amazon Web Services Service
832
834
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
833
- # *AWS General Reference*.
835
+ # *Amazon Web Services General Reference*.
834
836
  #
835
837
  # @option params [required, String] :permission_set_arn
836
838
  # The ARN of the permission set that should be deleted.
@@ -882,15 +884,15 @@ module Aws::SSOAdmin
882
884
 
883
885
  # Describes the status of the assignment creation request.
884
886
  #
887
+ # @option params [required, String] :account_assignment_creation_request_id
888
+ # The identifier that is used to track the request operation progress.
889
+ #
885
890
  # @option params [required, String] :instance_arn
886
891
  # The ARN of the IAM Identity Center instance under which the operation
887
892
  # will be executed. For more information about ARNs, see [Amazon
888
- # Resource Names (ARNs) and AWS Service
893
+ # Resource Names (ARNs) and Amazon Web Services Service
889
894
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
890
- # *AWS General Reference*.
891
- #
892
- # @option params [required, String] :account_assignment_creation_request_id
893
- # The identifier that is used to track the request operation progress.
895
+ # *Amazon Web Services General Reference*.
894
896
  #
895
897
  # @return [Types::DescribeAccountAssignmentCreationStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
896
898
  #
@@ -899,21 +901,21 @@ module Aws::SSOAdmin
899
901
  # @example Request syntax with placeholder values
900
902
  #
901
903
  # resp = client.describe_account_assignment_creation_status({
902
- # instance_arn: "InstanceArn", # required
903
904
  # account_assignment_creation_request_id: "UUId", # required
905
+ # instance_arn: "InstanceArn", # required
904
906
  # })
905
907
  #
906
908
  # @example Response structure
907
909
  #
908
- # resp.account_assignment_creation_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
909
- # resp.account_assignment_creation_status.request_id #=> String
910
+ # resp.account_assignment_creation_status.created_date #=> Time
910
911
  # resp.account_assignment_creation_status.failure_reason #=> String
911
- # resp.account_assignment_creation_status.target_id #=> String
912
- # resp.account_assignment_creation_status.target_type #=> String, one of "AWS_ACCOUNT"
913
912
  # resp.account_assignment_creation_status.permission_set_arn #=> String
914
- # resp.account_assignment_creation_status.principal_type #=> String, one of "USER", "GROUP"
915
913
  # resp.account_assignment_creation_status.principal_id #=> String
916
- # resp.account_assignment_creation_status.created_date #=> Time
914
+ # resp.account_assignment_creation_status.principal_type #=> String, one of "USER", "GROUP"
915
+ # resp.account_assignment_creation_status.request_id #=> String
916
+ # resp.account_assignment_creation_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
917
+ # resp.account_assignment_creation_status.target_id #=> String
918
+ # resp.account_assignment_creation_status.target_type #=> String, one of "AWS_ACCOUNT"
917
919
  #
918
920
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentCreationStatus AWS API Documentation
919
921
  #
@@ -926,15 +928,15 @@ module Aws::SSOAdmin
926
928
 
927
929
  # Describes the status of the assignment deletion request.
928
930
  #
931
+ # @option params [required, String] :account_assignment_deletion_request_id
932
+ # The identifier that is used to track the request operation progress.
933
+ #
929
934
  # @option params [required, String] :instance_arn
930
935
  # The ARN of the IAM Identity Center instance under which the operation
931
936
  # will be executed. For more information about ARNs, see [Amazon
932
- # Resource Names (ARNs) and AWS Service
937
+ # Resource Names (ARNs) and Amazon Web Services Service
933
938
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
934
- # *AWS General Reference*.
935
- #
936
- # @option params [required, String] :account_assignment_deletion_request_id
937
- # The identifier that is used to track the request operation progress.
939
+ # *Amazon Web Services General Reference*.
938
940
  #
939
941
  # @return [Types::DescribeAccountAssignmentDeletionStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
940
942
  #
@@ -943,21 +945,21 @@ module Aws::SSOAdmin
943
945
  # @example Request syntax with placeholder values
944
946
  #
945
947
  # resp = client.describe_account_assignment_deletion_status({
946
- # instance_arn: "InstanceArn", # required
947
948
  # account_assignment_deletion_request_id: "UUId", # required
949
+ # instance_arn: "InstanceArn", # required
948
950
  # })
949
951
  #
950
952
  # @example Response structure
951
953
  #
952
- # resp.account_assignment_deletion_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
953
- # resp.account_assignment_deletion_status.request_id #=> String
954
+ # resp.account_assignment_deletion_status.created_date #=> Time
954
955
  # resp.account_assignment_deletion_status.failure_reason #=> String
955
- # resp.account_assignment_deletion_status.target_id #=> String
956
- # resp.account_assignment_deletion_status.target_type #=> String, one of "AWS_ACCOUNT"
957
956
  # resp.account_assignment_deletion_status.permission_set_arn #=> String
958
- # resp.account_assignment_deletion_status.principal_type #=> String, one of "USER", "GROUP"
959
957
  # resp.account_assignment_deletion_status.principal_id #=> String
960
- # resp.account_assignment_deletion_status.created_date #=> Time
958
+ # resp.account_assignment_deletion_status.principal_type #=> String, one of "USER", "GROUP"
959
+ # resp.account_assignment_deletion_status.request_id #=> String
960
+ # resp.account_assignment_deletion_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
961
+ # resp.account_assignment_deletion_status.target_id #=> String
962
+ # resp.account_assignment_deletion_status.target_type #=> String, one of "AWS_ACCOUNT"
961
963
  #
962
964
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentDeletionStatus AWS API Documentation
963
965
  #
@@ -982,9 +984,9 @@ module Aws::SSOAdmin
982
984
  #
983
985
  # @return [Types::DescribeInstanceAccessControlAttributeConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
984
986
  #
987
+ # * {Types::DescribeInstanceAccessControlAttributeConfigurationResponse#instance_access_control_attribute_configuration #instance_access_control_attribute_configuration} => Types::InstanceAccessControlAttributeConfiguration
985
988
  # * {Types::DescribeInstanceAccessControlAttributeConfigurationResponse#status #status} => String
986
989
  # * {Types::DescribeInstanceAccessControlAttributeConfigurationResponse#status_reason #status_reason} => String
987
- # * {Types::DescribeInstanceAccessControlAttributeConfigurationResponse#instance_access_control_attribute_configuration #instance_access_control_attribute_configuration} => Types::InstanceAccessControlAttributeConfiguration
988
990
  #
989
991
  # @example Request syntax with placeholder values
990
992
  #
@@ -994,12 +996,12 @@ module Aws::SSOAdmin
994
996
  #
995
997
  # @example Response structure
996
998
  #
997
- # resp.status #=> String, one of "ENABLED", "CREATION_IN_PROGRESS", "CREATION_FAILED"
998
- # resp.status_reason #=> String
999
999
  # resp.instance_access_control_attribute_configuration.access_control_attributes #=> Array
1000
1000
  # resp.instance_access_control_attribute_configuration.access_control_attributes[0].key #=> String
1001
1001
  # resp.instance_access_control_attribute_configuration.access_control_attributes[0].value.source #=> Array
1002
1002
  # resp.instance_access_control_attribute_configuration.access_control_attributes[0].value.source[0] #=> String
1003
+ # resp.status #=> String, one of "ENABLED", "CREATION_IN_PROGRESS", "CREATION_FAILED"
1004
+ # resp.status_reason #=> String
1003
1005
  #
1004
1006
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeInstanceAccessControlAttributeConfiguration AWS API Documentation
1005
1007
  #
@@ -1015,9 +1017,9 @@ module Aws::SSOAdmin
1015
1017
  # @option params [required, String] :instance_arn
1016
1018
  # The ARN of the IAM Identity Center instance under which the operation
1017
1019
  # will be executed. For more information about ARNs, see [Amazon
1018
- # Resource Names (ARNs) and AWS Service
1020
+ # Resource Names (ARNs) and Amazon Web Services Service
1019
1021
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1020
- # *AWS General Reference*.
1022
+ # *Amazon Web Services General Reference*.
1021
1023
  #
1022
1024
  # @option params [required, String] :permission_set_arn
1023
1025
  # The ARN of the permission set.
@@ -1035,12 +1037,12 @@ module Aws::SSOAdmin
1035
1037
  #
1036
1038
  # @example Response structure
1037
1039
  #
1040
+ # resp.permission_set.created_date #=> Time
1041
+ # resp.permission_set.description #=> String
1038
1042
  # resp.permission_set.name #=> String
1039
1043
  # resp.permission_set.permission_set_arn #=> String
1040
- # resp.permission_set.description #=> String
1041
- # resp.permission_set.created_date #=> Time
1042
- # resp.permission_set.session_duration #=> String
1043
1044
  # resp.permission_set.relay_state #=> String
1045
+ # resp.permission_set.session_duration #=> String
1044
1046
  #
1045
1047
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSet AWS API Documentation
1046
1048
  #
@@ -1057,9 +1059,9 @@ module Aws::SSOAdmin
1057
1059
  # @option params [required, String] :instance_arn
1058
1060
  # The ARN of the IAM Identity Center instance under which the operation
1059
1061
  # will be executed. For more information about ARNs, see [Amazon
1060
- # Resource Names (ARNs) and AWS Service
1062
+ # Resource Names (ARNs) and Amazon Web Services Service
1061
1063
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1062
- # *AWS General Reference*.
1064
+ # *Amazon Web Services General Reference*.
1063
1065
  #
1064
1066
  # @option params [required, String] :provision_permission_set_request_id
1065
1067
  # The identifier that is provided by the ProvisionPermissionSet call to
@@ -1078,12 +1080,12 @@ module Aws::SSOAdmin
1078
1080
  #
1079
1081
  # @example Response structure
1080
1082
  #
1081
- # resp.permission_set_provisioning_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1082
- # resp.permission_set_provisioning_status.request_id #=> String
1083
1083
  # resp.permission_set_provisioning_status.account_id #=> String
1084
- # resp.permission_set_provisioning_status.permission_set_arn #=> String
1085
- # resp.permission_set_provisioning_status.failure_reason #=> String
1086
1084
  # resp.permission_set_provisioning_status.created_date #=> Time
1085
+ # resp.permission_set_provisioning_status.failure_reason #=> String
1086
+ # resp.permission_set_provisioning_status.permission_set_arn #=> String
1087
+ # resp.permission_set_provisioning_status.request_id #=> String
1088
+ # resp.permission_set_provisioning_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1087
1089
  #
1088
1090
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSetProvisioningStatus AWS API Documentation
1089
1091
  #
@@ -1097,6 +1099,11 @@ module Aws::SSOAdmin
1097
1099
  # Detaches the specified customer managed policy from the specified
1098
1100
  # PermissionSet.
1099
1101
  #
1102
+ # @option params [required, Types::CustomerManagedPolicyReference] :customer_managed_policy_reference
1103
+ # Specifies the name and path of a customer managed policy. You must
1104
+ # have an IAM policy that matches the name and path in each Amazon Web
1105
+ # Services account where you want to deploy your permission set.
1106
+ #
1100
1107
  # @option params [required, String] :instance_arn
1101
1108
  # The ARN of the IAM Identity Center instance under which the operation
1102
1109
  # will be executed.
@@ -1104,22 +1111,17 @@ module Aws::SSOAdmin
1104
1111
  # @option params [required, String] :permission_set_arn
1105
1112
  # The ARN of the `PermissionSet`.
1106
1113
  #
1107
- # @option params [required, Types::CustomerManagedPolicyReference] :customer_managed_policy_reference
1108
- # Specifies the name and path of a customer managed policy. You must
1109
- # have an IAM policy that matches the name and path in each AWS account
1110
- # where you want to deploy your permission set.
1111
- #
1112
1114
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1113
1115
  #
1114
1116
  # @example Request syntax with placeholder values
1115
1117
  #
1116
1118
  # resp = client.detach_customer_managed_policy_reference_from_permission_set({
1117
- # instance_arn: "InstanceArn", # required
1118
- # permission_set_arn: "PermissionSetArn", # required
1119
1119
  # customer_managed_policy_reference: { # required
1120
1120
  # name: "ManagedPolicyName", # required
1121
1121
  # path: "ManagedPolicyPath",
1122
1122
  # },
1123
+ # instance_arn: "InstanceArn", # required
1124
+ # permission_set_arn: "PermissionSetArn", # required
1123
1125
  # })
1124
1126
  #
1125
1127
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachCustomerManagedPolicyReferenceFromPermissionSet AWS API Documentation
@@ -1131,30 +1133,31 @@ module Aws::SSOAdmin
1131
1133
  req.send_request(options)
1132
1134
  end
1133
1135
 
1134
- # Detaches the attached AWS managed policy ARN from the specified
1135
- # permission set.
1136
+ # Detaches the attached Amazon Web Services managed policy ARN from the
1137
+ # specified permission set.
1136
1138
  #
1137
1139
  # @option params [required, String] :instance_arn
1138
1140
  # The ARN of the IAM Identity Center instance under which the operation
1139
1141
  # will be executed. For more information about ARNs, see [Amazon
1140
- # Resource Names (ARNs) and AWS Service
1142
+ # Resource Names (ARNs) and Amazon Web Services Service
1141
1143
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1142
- # *AWS General Reference*.
1144
+ # *Amazon Web Services General Reference*.
1145
+ #
1146
+ # @option params [required, String] :managed_policy_arn
1147
+ # The Amazon Web Services managed policy ARN to be detached from a
1148
+ # permission set.
1143
1149
  #
1144
1150
  # @option params [required, String] :permission_set_arn
1145
1151
  # The ARN of the PermissionSet from which the policy should be detached.
1146
1152
  #
1147
- # @option params [required, String] :managed_policy_arn
1148
- # The AWS managed policy ARN to be detached from a permission set.
1149
- #
1150
1153
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1151
1154
  #
1152
1155
  # @example Request syntax with placeholder values
1153
1156
  #
1154
1157
  # resp = client.detach_managed_policy_from_permission_set({
1155
1158
  # instance_arn: "InstanceArn", # required
1156
- # permission_set_arn: "PermissionSetArn", # required
1157
1159
  # managed_policy_arn: "ManagedPolicyArn", # required
1160
+ # permission_set_arn: "PermissionSetArn", # required
1158
1161
  # })
1159
1162
  #
1160
1163
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachManagedPolicyFromPermissionSet AWS API Documentation
@@ -1171,9 +1174,9 @@ module Aws::SSOAdmin
1171
1174
  # @option params [required, String] :instance_arn
1172
1175
  # The ARN of the IAM Identity Center instance under which the operation
1173
1176
  # will be executed. For more information about ARNs, see [Amazon
1174
- # Resource Names (ARNs) and AWS Service
1177
+ # Resource Names (ARNs) and Amazon Web Services Service
1175
1178
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1176
- # *AWS General Reference*.
1179
+ # *Amazon Web Services General Reference*.
1177
1180
  #
1178
1181
  # @option params [required, String] :permission_set_arn
1179
1182
  # The ARN of the permission set.
@@ -1237,15 +1240,18 @@ module Aws::SSOAdmin
1237
1240
  req.send_request(options)
1238
1241
  end
1239
1242
 
1240
- # Lists the status of the AWS account assignment creation requests for a
1241
- # specified IAM Identity Center instance.
1243
+ # Lists the status of the Amazon Web Services account assignment
1244
+ # creation requests for a specified IAM Identity Center instance.
1245
+ #
1246
+ # @option params [Types::OperationStatusFilter] :filter
1247
+ # Filters results based on the passed attribute value.
1242
1248
  #
1243
1249
  # @option params [required, String] :instance_arn
1244
1250
  # The ARN of the IAM Identity Center instance under which the operation
1245
1251
  # will be executed. For more information about ARNs, see [Amazon
1246
- # Resource Names (ARNs) and AWS Service
1252
+ # Resource Names (ARNs) and Amazon Web Services Service
1247
1253
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1248
- # *AWS General Reference*.
1254
+ # *Amazon Web Services General Reference*.
1249
1255
  #
1250
1256
  # @option params [Integer] :max_results
1251
1257
  # The maximum number of results to display for the assignment.
@@ -1254,9 +1260,6 @@ module Aws::SSOAdmin
1254
1260
  # The pagination token for the list API. Initially the value is null.
1255
1261
  # Use the output of previous API calls to make subsequent calls.
1256
1262
  #
1257
- # @option params [Types::OperationStatusFilter] :filter
1258
- # Filters results based on the passed attribute value.
1259
- #
1260
1263
  # @return [Types::ListAccountAssignmentCreationStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1261
1264
  #
1262
1265
  # * {Types::ListAccountAssignmentCreationStatusResponse#account_assignments_creation_status #account_assignments_creation_status} => Array&lt;Types::AccountAssignmentOperationStatusMetadata&gt;
@@ -1267,20 +1270,20 @@ module Aws::SSOAdmin
1267
1270
  # @example Request syntax with placeholder values
1268
1271
  #
1269
1272
  # resp = client.list_account_assignment_creation_status({
1270
- # instance_arn: "InstanceArn", # required
1271
- # max_results: 1,
1272
- # next_token: "Token",
1273
1273
  # filter: {
1274
1274
  # status: "IN_PROGRESS", # accepts IN_PROGRESS, FAILED, SUCCEEDED
1275
1275
  # },
1276
+ # instance_arn: "InstanceArn", # required
1277
+ # max_results: 1,
1278
+ # next_token: "Token",
1276
1279
  # })
1277
1280
  #
1278
1281
  # @example Response structure
1279
1282
  #
1280
1283
  # resp.account_assignments_creation_status #=> Array
1281
- # resp.account_assignments_creation_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1282
- # resp.account_assignments_creation_status[0].request_id #=> String
1283
1284
  # resp.account_assignments_creation_status[0].created_date #=> Time
1285
+ # resp.account_assignments_creation_status[0].request_id #=> String
1286
+ # resp.account_assignments_creation_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1284
1287
  # resp.next_token #=> String
1285
1288
  #
1286
1289
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentCreationStatus AWS API Documentation
@@ -1292,15 +1295,18 @@ module Aws::SSOAdmin
1292
1295
  req.send_request(options)
1293
1296
  end
1294
1297
 
1295
- # Lists the status of the AWS account assignment deletion requests for a
1296
- # specified IAM Identity Center instance.
1298
+ # Lists the status of the Amazon Web Services account assignment
1299
+ # deletion requests for a specified IAM Identity Center instance.
1300
+ #
1301
+ # @option params [Types::OperationStatusFilter] :filter
1302
+ # Filters results based on the passed attribute value.
1297
1303
  #
1298
1304
  # @option params [required, String] :instance_arn
1299
1305
  # The ARN of the IAM Identity Center instance under which the operation
1300
1306
  # will be executed. For more information about ARNs, see [Amazon
1301
- # Resource Names (ARNs) and AWS Service
1307
+ # Resource Names (ARNs) and Amazon Web Services Service
1302
1308
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1303
- # *AWS General Reference*.
1309
+ # *Amazon Web Services General Reference*.
1304
1310
  #
1305
1311
  # @option params [Integer] :max_results
1306
1312
  # The maximum number of results to display for the assignment.
@@ -1309,9 +1315,6 @@ module Aws::SSOAdmin
1309
1315
  # The pagination token for the list API. Initially the value is null.
1310
1316
  # Use the output of previous API calls to make subsequent calls.
1311
1317
  #
1312
- # @option params [Types::OperationStatusFilter] :filter
1313
- # Filters results based on the passed attribute value.
1314
- #
1315
1318
  # @return [Types::ListAccountAssignmentDeletionStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1316
1319
  #
1317
1320
  # * {Types::ListAccountAssignmentDeletionStatusResponse#account_assignments_deletion_status #account_assignments_deletion_status} => Array&lt;Types::AccountAssignmentOperationStatusMetadata&gt;
@@ -1322,20 +1325,20 @@ module Aws::SSOAdmin
1322
1325
  # @example Request syntax with placeholder values
1323
1326
  #
1324
1327
  # resp = client.list_account_assignment_deletion_status({
1325
- # instance_arn: "InstanceArn", # required
1326
- # max_results: 1,
1327
- # next_token: "Token",
1328
1328
  # filter: {
1329
1329
  # status: "IN_PROGRESS", # accepts IN_PROGRESS, FAILED, SUCCEEDED
1330
1330
  # },
1331
+ # instance_arn: "InstanceArn", # required
1332
+ # max_results: 1,
1333
+ # next_token: "Token",
1331
1334
  # })
1332
1335
  #
1333
1336
  # @example Response structure
1334
1337
  #
1335
1338
  # resp.account_assignments_deletion_status #=> Array
1336
- # resp.account_assignments_deletion_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1337
- # resp.account_assignments_deletion_status[0].request_id #=> String
1338
1339
  # resp.account_assignments_deletion_status[0].created_date #=> Time
1340
+ # resp.account_assignments_deletion_status[0].request_id #=> String
1341
+ # resp.account_assignments_deletion_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1339
1342
  # resp.next_token #=> String
1340
1343
  #
1341
1344
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentDeletionStatus AWS API Documentation
@@ -1347,21 +1350,19 @@ module Aws::SSOAdmin
1347
1350
  req.send_request(options)
1348
1351
  end
1349
1352
 
1350
- # Lists the assignee of the specified AWS account with the specified
1351
- # permission set.
1353
+ # Lists the assignee of the specified Amazon Web Services account with
1354
+ # the specified permission set.
1355
+ #
1356
+ # @option params [required, String] :account_id
1357
+ # The identifier of the Amazon Web Services account from which to list
1358
+ # the assignments.
1352
1359
  #
1353
1360
  # @option params [required, String] :instance_arn
1354
1361
  # The ARN of the IAM Identity Center instance under which the operation
1355
1362
  # will be executed. For more information about ARNs, see [Amazon
1356
- # Resource Names (ARNs) and AWS Service
1363
+ # Resource Names (ARNs) and Amazon Web Services Service
1357
1364
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1358
- # *AWS General Reference*.
1359
- #
1360
- # @option params [required, String] :account_id
1361
- # The identifier of the AWS account from which to list the assignments.
1362
- #
1363
- # @option params [required, String] :permission_set_arn
1364
- # The ARN of the permission set from which to list assignments.
1365
+ # *Amazon Web Services General Reference*.
1365
1366
  #
1366
1367
  # @option params [Integer] :max_results
1367
1368
  # The maximum number of results to display for the assignment.
@@ -1370,6 +1371,9 @@ module Aws::SSOAdmin
1370
1371
  # The pagination token for the list API. Initially the value is null.
1371
1372
  # Use the output of previous API calls to make subsequent calls.
1372
1373
  #
1374
+ # @option params [required, String] :permission_set_arn
1375
+ # The ARN of the permission set from which to list assignments.
1376
+ #
1373
1377
  # @return [Types::ListAccountAssignmentsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1374
1378
  #
1375
1379
  # * {Types::ListAccountAssignmentsResponse#account_assignments #account_assignments} => Array&lt;Types::AccountAssignment&gt;
@@ -1380,11 +1384,11 @@ module Aws::SSOAdmin
1380
1384
  # @example Request syntax with placeholder values
1381
1385
  #
1382
1386
  # resp = client.list_account_assignments({
1383
- # instance_arn: "InstanceArn", # required
1384
1387
  # account_id: "TargetId", # required
1385
- # permission_set_arn: "PermissionSetArn", # required
1388
+ # instance_arn: "InstanceArn", # required
1386
1389
  # max_results: 1,
1387
1390
  # next_token: "Token",
1391
+ # permission_set_arn: "PermissionSetArn", # required
1388
1392
  # })
1389
1393
  #
1390
1394
  # @example Response structure
@@ -1392,8 +1396,8 @@ module Aws::SSOAdmin
1392
1396
  # resp.account_assignments #=> Array
1393
1397
  # resp.account_assignments[0].account_id #=> String
1394
1398
  # resp.account_assignments[0].permission_set_arn #=> String
1395
- # resp.account_assignments[0].principal_type #=> String, one of "USER", "GROUP"
1396
1399
  # resp.account_assignments[0].principal_id #=> String
1400
+ # resp.account_assignments[0].principal_type #=> String, one of "USER", "GROUP"
1397
1401
  # resp.next_token #=> String
1398
1402
  #
1399
1403
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignments AWS API Documentation
@@ -1405,22 +1409,15 @@ module Aws::SSOAdmin
1405
1409
  req.send_request(options)
1406
1410
  end
1407
1411
 
1408
- # Lists all the AWS accounts where the specified permission set is
1409
- # provisioned.
1412
+ # Lists all the Amazon Web Services accounts where the specified
1413
+ # permission set is provisioned.
1410
1414
  #
1411
1415
  # @option params [required, String] :instance_arn
1412
1416
  # The ARN of the IAM Identity Center instance under which the operation
1413
1417
  # will be executed. For more information about ARNs, see [Amazon
1414
- # Resource Names (ARNs) and AWS Service
1418
+ # Resource Names (ARNs) and Amazon Web Services Service
1415
1419
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1416
- # *AWS General Reference*.
1417
- #
1418
- # @option params [required, String] :permission_set_arn
1419
- # The ARN of the PermissionSet from which the associated AWS accounts
1420
- # will be listed.
1421
- #
1422
- # @option params [String] :provisioning_status
1423
- # The permission set provisioning status for an AWS account.
1420
+ # *Amazon Web Services General Reference*.
1424
1421
  #
1425
1422
  # @option params [Integer] :max_results
1426
1423
  # The maximum number of results to display for the PermissionSet.
@@ -1429,6 +1426,14 @@ module Aws::SSOAdmin
1429
1426
  # The pagination token for the list API. Initially the value is null.
1430
1427
  # Use the output of previous API calls to make subsequent calls.
1431
1428
  #
1429
+ # @option params [required, String] :permission_set_arn
1430
+ # The ARN of the PermissionSet from which the associated Amazon Web
1431
+ # Services accounts will be listed.
1432
+ #
1433
+ # @option params [String] :provisioning_status
1434
+ # The permission set provisioning status for an Amazon Web Services
1435
+ # account.
1436
+ #
1432
1437
  # @return [Types::ListAccountsForProvisionedPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1433
1438
  #
1434
1439
  # * {Types::ListAccountsForProvisionedPermissionSetResponse#account_ids #account_ids} => Array&lt;String&gt;
@@ -1440,10 +1445,10 @@ module Aws::SSOAdmin
1440
1445
  #
1441
1446
  # resp = client.list_accounts_for_provisioned_permission_set({
1442
1447
  # instance_arn: "InstanceArn", # required
1443
- # permission_set_arn: "PermissionSetArn", # required
1444
- # provisioning_status: "LATEST_PERMISSION_SET_PROVISIONED", # accepts LATEST_PERMISSION_SET_PROVISIONED, LATEST_PERMISSION_SET_NOT_PROVISIONED
1445
1448
  # max_results: 1,
1446
1449
  # next_token: "Token",
1450
+ # permission_set_arn: "PermissionSetArn", # required
1451
+ # provisioning_status: "LATEST_PERMISSION_SET_PROVISIONED", # accepts LATEST_PERMISSION_SET_PROVISIONED, LATEST_PERMISSION_SET_NOT_PROVISIONED
1447
1452
  # })
1448
1453
  #
1449
1454
  # @example Response structure
@@ -1468,9 +1473,6 @@ module Aws::SSOAdmin
1468
1473
  # The ARN of the IAM Identity Center instance under which the operation
1469
1474
  # will be executed.
1470
1475
  #
1471
- # @option params [required, String] :permission_set_arn
1472
- # The ARN of the `PermissionSet`.
1473
- #
1474
1476
  # @option params [Integer] :max_results
1475
1477
  # The maximum number of results to display for the list call.
1476
1478
  #
@@ -1478,6 +1480,9 @@ module Aws::SSOAdmin
1478
1480
  # The pagination token for the list API. Initially the value is null.
1479
1481
  # Use the output of previous API calls to make subsequent calls.
1480
1482
  #
1483
+ # @option params [required, String] :permission_set_arn
1484
+ # The ARN of the `PermissionSet`.
1485
+ #
1481
1486
  # @return [Types::ListCustomerManagedPolicyReferencesInPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1482
1487
  #
1483
1488
  # * {Types::ListCustomerManagedPolicyReferencesInPermissionSetResponse#customer_managed_policy_references #customer_managed_policy_references} => Array&lt;Types::CustomerManagedPolicyReference&gt;
@@ -1489,9 +1494,9 @@ module Aws::SSOAdmin
1489
1494
  #
1490
1495
  # resp = client.list_customer_managed_policy_references_in_permission_set({
1491
1496
  # instance_arn: "InstanceArn", # required
1492
- # permission_set_arn: "PermissionSetArn", # required
1493
1497
  # max_results: 1,
1494
1498
  # next_token: "Token",
1499
+ # permission_set_arn: "PermissionSetArn", # required
1495
1500
  # })
1496
1501
  #
1497
1502
  # @example Response structure
@@ -1536,8 +1541,8 @@ module Aws::SSOAdmin
1536
1541
  # @example Response structure
1537
1542
  #
1538
1543
  # resp.instances #=> Array
1539
- # resp.instances[0].instance_arn #=> String
1540
1544
  # resp.instances[0].identity_store_id #=> String
1545
+ # resp.instances[0].instance_arn #=> String
1541
1546
  # resp.next_token #=> String
1542
1547
  #
1543
1548
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListInstances AWS API Documentation
@@ -1549,18 +1554,15 @@ module Aws::SSOAdmin
1549
1554
  req.send_request(options)
1550
1555
  end
1551
1556
 
1552
- # Lists the AWS managed policy that is attached to a specified
1553
- # permission set.
1557
+ # Lists the Amazon Web Services managed policy that is attached to a
1558
+ # specified permission set.
1554
1559
  #
1555
1560
  # @option params [required, String] :instance_arn
1556
1561
  # The ARN of the IAM Identity Center instance under which the operation
1557
1562
  # will be executed. For more information about ARNs, see [Amazon
1558
- # Resource Names (ARNs) and AWS Service
1563
+ # Resource Names (ARNs) and Amazon Web Services Service
1559
1564
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1560
- # *AWS General Reference*.
1561
- #
1562
- # @option params [required, String] :permission_set_arn
1563
- # The ARN of the PermissionSet whose managed policies will be listed.
1565
+ # *Amazon Web Services General Reference*.
1564
1566
  #
1565
1567
  # @option params [Integer] :max_results
1566
1568
  # The maximum number of results to display for the PermissionSet.
@@ -1569,6 +1571,9 @@ module Aws::SSOAdmin
1569
1571
  # The pagination token for the list API. Initially the value is null.
1570
1572
  # Use the output of previous API calls to make subsequent calls.
1571
1573
  #
1574
+ # @option params [required, String] :permission_set_arn
1575
+ # The ARN of the PermissionSet whose managed policies will be listed.
1576
+ #
1572
1577
  # @return [Types::ListManagedPoliciesInPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1573
1578
  #
1574
1579
  # * {Types::ListManagedPoliciesInPermissionSetResponse#attached_managed_policies #attached_managed_policies} => Array&lt;Types::AttachedManagedPolicy&gt;
@@ -1580,16 +1585,16 @@ module Aws::SSOAdmin
1580
1585
  #
1581
1586
  # resp = client.list_managed_policies_in_permission_set({
1582
1587
  # instance_arn: "InstanceArn", # required
1583
- # permission_set_arn: "PermissionSetArn", # required
1584
1588
  # max_results: 1,
1585
1589
  # next_token: "Token",
1590
+ # permission_set_arn: "PermissionSetArn", # required
1586
1591
  # })
1587
1592
  #
1588
1593
  # @example Response structure
1589
1594
  #
1590
1595
  # resp.attached_managed_policies #=> Array
1591
- # resp.attached_managed_policies[0].name #=> String
1592
1596
  # resp.attached_managed_policies[0].arn #=> String
1597
+ # resp.attached_managed_policies[0].name #=> String
1593
1598
  # resp.next_token #=> String
1594
1599
  #
1595
1600
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListManagedPoliciesInPermissionSet AWS API Documentation
@@ -1604,12 +1609,15 @@ module Aws::SSOAdmin
1604
1609
  # Lists the status of the permission set provisioning requests for a
1605
1610
  # specified IAM Identity Center instance.
1606
1611
  #
1612
+ # @option params [Types::OperationStatusFilter] :filter
1613
+ # Filters results based on the passed attribute value.
1614
+ #
1607
1615
  # @option params [required, String] :instance_arn
1608
1616
  # The ARN of the IAM Identity Center instance under which the operation
1609
1617
  # will be executed. For more information about ARNs, see [Amazon
1610
- # Resource Names (ARNs) and AWS Service
1618
+ # Resource Names (ARNs) and Amazon Web Services Service
1611
1619
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1612
- # *AWS General Reference*.
1620
+ # *Amazon Web Services General Reference*.
1613
1621
  #
1614
1622
  # @option params [Integer] :max_results
1615
1623
  # The maximum number of results to display for the assignment.
@@ -1618,34 +1626,31 @@ module Aws::SSOAdmin
1618
1626
  # The pagination token for the list API. Initially the value is null.
1619
1627
  # Use the output of previous API calls to make subsequent calls.
1620
1628
  #
1621
- # @option params [Types::OperationStatusFilter] :filter
1622
- # Filters results based on the passed attribute value.
1623
- #
1624
1629
  # @return [Types::ListPermissionSetProvisioningStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1625
1630
  #
1626
- # * {Types::ListPermissionSetProvisioningStatusResponse#permission_sets_provisioning_status #permission_sets_provisioning_status} => Array&lt;Types::PermissionSetProvisioningStatusMetadata&gt;
1627
1631
  # * {Types::ListPermissionSetProvisioningStatusResponse#next_token #next_token} => String
1632
+ # * {Types::ListPermissionSetProvisioningStatusResponse#permission_sets_provisioning_status #permission_sets_provisioning_status} => Array&lt;Types::PermissionSetProvisioningStatusMetadata&gt;
1628
1633
  #
1629
1634
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1630
1635
  #
1631
1636
  # @example Request syntax with placeholder values
1632
1637
  #
1633
1638
  # resp = client.list_permission_set_provisioning_status({
1634
- # instance_arn: "InstanceArn", # required
1635
- # max_results: 1,
1636
- # next_token: "Token",
1637
1639
  # filter: {
1638
1640
  # status: "IN_PROGRESS", # accepts IN_PROGRESS, FAILED, SUCCEEDED
1639
1641
  # },
1642
+ # instance_arn: "InstanceArn", # required
1643
+ # max_results: 1,
1644
+ # next_token: "Token",
1640
1645
  # })
1641
1646
  #
1642
1647
  # @example Response structure
1643
1648
  #
1649
+ # resp.next_token #=> String
1644
1650
  # resp.permission_sets_provisioning_status #=> Array
1645
- # resp.permission_sets_provisioning_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1646
- # resp.permission_sets_provisioning_status[0].request_id #=> String
1647
1651
  # resp.permission_sets_provisioning_status[0].created_date #=> Time
1648
- # resp.next_token #=> String
1652
+ # resp.permission_sets_provisioning_status[0].request_id #=> String
1653
+ # resp.permission_sets_provisioning_status[0].status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1649
1654
  #
1650
1655
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetProvisioningStatus AWS API Documentation
1651
1656
  #
@@ -1661,21 +1666,21 @@ module Aws::SSOAdmin
1661
1666
  # @option params [required, String] :instance_arn
1662
1667
  # The ARN of the IAM Identity Center instance under which the operation
1663
1668
  # will be executed. For more information about ARNs, see [Amazon
1664
- # Resource Names (ARNs) and AWS Service
1669
+ # Resource Names (ARNs) and Amazon Web Services Service
1665
1670
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1666
- # *AWS General Reference*.
1671
+ # *Amazon Web Services General Reference*.
1672
+ #
1673
+ # @option params [Integer] :max_results
1674
+ # The maximum number of results to display for the assignment.
1667
1675
  #
1668
1676
  # @option params [String] :next_token
1669
1677
  # The pagination token for the list API. Initially the value is null.
1670
1678
  # Use the output of previous API calls to make subsequent calls.
1671
1679
  #
1672
- # @option params [Integer] :max_results
1673
- # The maximum number of results to display for the assignment.
1674
- #
1675
1680
  # @return [Types::ListPermissionSetsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1676
1681
  #
1677
- # * {Types::ListPermissionSetsResponse#permission_sets #permission_sets} => Array&lt;String&gt;
1678
1682
  # * {Types::ListPermissionSetsResponse#next_token #next_token} => String
1683
+ # * {Types::ListPermissionSetsResponse#permission_sets #permission_sets} => Array&lt;String&gt;
1679
1684
  #
1680
1685
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1681
1686
  #
@@ -1683,15 +1688,15 @@ module Aws::SSOAdmin
1683
1688
  #
1684
1689
  # resp = client.list_permission_sets({
1685
1690
  # instance_arn: "InstanceArn", # required
1686
- # next_token: "Token",
1687
1691
  # max_results: 1,
1692
+ # next_token: "Token",
1688
1693
  # })
1689
1694
  #
1690
1695
  # @example Response structure
1691
1696
  #
1697
+ # resp.next_token #=> String
1692
1698
  # resp.permission_sets #=> Array
1693
1699
  # resp.permission_sets[0] #=> String
1694
- # resp.next_token #=> String
1695
1700
  #
1696
1701
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSets AWS API Documentation
1697
1702
  #
@@ -1702,21 +1707,19 @@ module Aws::SSOAdmin
1702
1707
  req.send_request(options)
1703
1708
  end
1704
1709
 
1705
- # Lists all the permission sets that are provisioned to a specified AWS
1706
- # account.
1710
+ # Lists all the permission sets that are provisioned to a specified
1711
+ # Amazon Web Services account.
1712
+ #
1713
+ # @option params [required, String] :account_id
1714
+ # The identifier of the Amazon Web Services account from which to list
1715
+ # the assignments.
1707
1716
  #
1708
1717
  # @option params [required, String] :instance_arn
1709
1718
  # The ARN of the IAM Identity Center instance under which the operation
1710
1719
  # will be executed. For more information about ARNs, see [Amazon
1711
- # Resource Names (ARNs) and AWS Service
1720
+ # Resource Names (ARNs) and Amazon Web Services Service
1712
1721
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1713
- # *AWS General Reference*.
1714
- #
1715
- # @option params [required, String] :account_id
1716
- # The identifier of the AWS account from which to list the assignments.
1717
- #
1718
- # @option params [String] :provisioning_status
1719
- # The status object for the permission set provisioning operation.
1722
+ # *Amazon Web Services General Reference*.
1720
1723
  #
1721
1724
  # @option params [Integer] :max_results
1722
1725
  # The maximum number of results to display for the assignment.
@@ -1725,6 +1728,9 @@ module Aws::SSOAdmin
1725
1728
  # The pagination token for the list API. Initially the value is null.
1726
1729
  # Use the output of previous API calls to make subsequent calls.
1727
1730
  #
1731
+ # @option params [String] :provisioning_status
1732
+ # The status object for the permission set provisioning operation.
1733
+ #
1728
1734
  # @return [Types::ListPermissionSetsProvisionedToAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1729
1735
  #
1730
1736
  # * {Types::ListPermissionSetsProvisionedToAccountResponse#next_token #next_token} => String
@@ -1735,11 +1741,11 @@ module Aws::SSOAdmin
1735
1741
  # @example Request syntax with placeholder values
1736
1742
  #
1737
1743
  # resp = client.list_permission_sets_provisioned_to_account({
1738
- # instance_arn: "InstanceArn", # required
1739
1744
  # account_id: "AccountId", # required
1740
- # provisioning_status: "LATEST_PERMISSION_SET_PROVISIONED", # accepts LATEST_PERMISSION_SET_PROVISIONED, LATEST_PERMISSION_SET_NOT_PROVISIONED
1745
+ # instance_arn: "InstanceArn", # required
1741
1746
  # max_results: 1,
1742
1747
  # next_token: "Token",
1748
+ # provisioning_status: "LATEST_PERMISSION_SET_PROVISIONED", # accepts LATEST_PERMISSION_SET_PROVISIONED, LATEST_PERMISSION_SET_NOT_PROVISIONED
1743
1749
  # })
1744
1750
  #
1745
1751
  # @example Response structure
@@ -1762,21 +1768,21 @@ module Aws::SSOAdmin
1762
1768
  # @option params [required, String] :instance_arn
1763
1769
  # The ARN of the IAM Identity Center instance under which the operation
1764
1770
  # will be executed. For more information about ARNs, see [Amazon
1765
- # Resource Names (ARNs) and AWS Service
1771
+ # Resource Names (ARNs) and Amazon Web Services Service
1766
1772
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1767
- # *AWS General Reference*.
1768
- #
1769
- # @option params [required, String] :resource_arn
1770
- # The ARN of the resource with the tags to be listed.
1773
+ # *Amazon Web Services General Reference*.
1771
1774
  #
1772
1775
  # @option params [String] :next_token
1773
1776
  # The pagination token for the list API. Initially the value is null.
1774
1777
  # Use the output of previous API calls to make subsequent calls.
1775
1778
  #
1779
+ # @option params [required, String] :resource_arn
1780
+ # The ARN of the resource with the tags to be listed.
1781
+ #
1776
1782
  # @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1777
1783
  #
1778
- # * {Types::ListTagsForResourceResponse#tags #tags} => Array&lt;Types::Tag&gt;
1779
1784
  # * {Types::ListTagsForResourceResponse#next_token #next_token} => String
1785
+ # * {Types::ListTagsForResourceResponse#tags #tags} => Array&lt;Types::Tag&gt;
1780
1786
  #
1781
1787
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1782
1788
  #
@@ -1784,16 +1790,16 @@ module Aws::SSOAdmin
1784
1790
  #
1785
1791
  # resp = client.list_tags_for_resource({
1786
1792
  # instance_arn: "InstanceArn", # required
1787
- # resource_arn: "TaggableResourceArn", # required
1788
1793
  # next_token: "Token",
1794
+ # resource_arn: "TaggableResourceArn", # required
1789
1795
  # })
1790
1796
  #
1791
1797
  # @example Response structure
1792
1798
  #
1799
+ # resp.next_token #=> String
1793
1800
  # resp.tags #=> Array
1794
1801
  # resp.tags[0].key #=> String
1795
1802
  # resp.tags[0].value #=> String
1796
- # resp.next_token #=> String
1797
1803
  #
1798
1804
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListTagsForResource AWS API Documentation
1799
1805
  #
@@ -1810,16 +1816,16 @@ module Aws::SSOAdmin
1810
1816
  # @option params [required, String] :instance_arn
1811
1817
  # The ARN of the IAM Identity Center instance under which the operation
1812
1818
  # will be executed. For more information about ARNs, see [Amazon
1813
- # Resource Names (ARNs) and AWS Service
1819
+ # Resource Names (ARNs) and Amazon Web Services Service
1814
1820
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1815
- # *AWS General Reference*.
1821
+ # *Amazon Web Services General Reference*.
1816
1822
  #
1817
1823
  # @option params [required, String] :permission_set_arn
1818
1824
  # The ARN of the permission set.
1819
1825
  #
1820
1826
  # @option params [String] :target_id
1821
- # TargetID is an AWS account identifier, typically a 10-12 digit string
1822
- # (For example, 123456789012).
1827
+ # TargetID is an Amazon Web Services account identifier, (For example,
1828
+ # 123456789012).
1823
1829
  #
1824
1830
  # @option params [required, String] :target_type
1825
1831
  # The entity type for which the assignment will be created.
@@ -1839,12 +1845,12 @@ module Aws::SSOAdmin
1839
1845
  #
1840
1846
  # @example Response structure
1841
1847
  #
1842
- # resp.permission_set_provisioning_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1843
- # resp.permission_set_provisioning_status.request_id #=> String
1844
1848
  # resp.permission_set_provisioning_status.account_id #=> String
1845
- # resp.permission_set_provisioning_status.permission_set_arn #=> String
1846
- # resp.permission_set_provisioning_status.failure_reason #=> String
1847
1849
  # resp.permission_set_provisioning_status.created_date #=> Time
1850
+ # resp.permission_set_provisioning_status.failure_reason #=> String
1851
+ # resp.permission_set_provisioning_status.permission_set_arn #=> String
1852
+ # resp.permission_set_provisioning_status.request_id #=> String
1853
+ # resp.permission_set_provisioning_status.status #=> String, one of "IN_PROGRESS", "FAILED", "SUCCEEDED"
1848
1854
  #
1849
1855
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ProvisionPermissionSet AWS API Documentation
1850
1856
  #
@@ -1864,27 +1870,27 @@ module Aws::SSOAdmin
1864
1870
  #
1865
1871
  # </note>
1866
1872
  #
1873
+ # @option params [required, String] :inline_policy
1874
+ # The inline policy to attach to a PermissionSet.
1875
+ #
1867
1876
  # @option params [required, String] :instance_arn
1868
1877
  # The ARN of the IAM Identity Center instance under which the operation
1869
1878
  # will be executed. For more information about ARNs, see [Amazon
1870
- # Resource Names (ARNs) and AWS Service
1879
+ # Resource Names (ARNs) and Amazon Web Services Service
1871
1880
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1872
- # *AWS General Reference*.
1881
+ # *Amazon Web Services General Reference*.
1873
1882
  #
1874
1883
  # @option params [required, String] :permission_set_arn
1875
1884
  # The ARN of the permission set.
1876
1885
  #
1877
- # @option params [required, String] :inline_policy
1878
- # The inline policy to attach to a PermissionSet.
1879
- #
1880
1886
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1881
1887
  #
1882
1888
  # @example Request syntax with placeholder values
1883
1889
  #
1884
1890
  # resp = client.put_inline_policy_to_permission_set({
1891
+ # inline_policy: "PermissionSetPolicyDocument", # required
1885
1892
  # instance_arn: "InstanceArn", # required
1886
1893
  # permission_set_arn: "PermissionSetArn", # required
1887
- # inline_policy: "PermissionSetPolicyDocument", # required
1888
1894
  # })
1889
1895
  #
1890
1896
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutInlinePolicyToPermissionSet AWS API Documentation
@@ -1896,8 +1902,8 @@ module Aws::SSOAdmin
1896
1902
  req.send_request(options)
1897
1903
  end
1898
1904
 
1899
- # Attaches an AWS managed or customer managed policy to the specified
1900
- # PermissionSet as a permissions boundary.
1905
+ # Attaches an Amazon Web Services managed or customer managed policy to
1906
+ # the specified PermissionSet as a permissions boundary.
1901
1907
  #
1902
1908
  # @option params [required, String] :instance_arn
1903
1909
  # The ARN of the IAM Identity Center instance under which the operation
@@ -1939,9 +1945,9 @@ module Aws::SSOAdmin
1939
1945
  # @option params [required, String] :instance_arn
1940
1946
  # The ARN of the IAM Identity Center instance under which the operation
1941
1947
  # will be executed. For more information about ARNs, see [Amazon
1942
- # Resource Names (ARNs) and AWS Service
1948
+ # Resource Names (ARNs) and Amazon Web Services Service
1943
1949
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1944
- # *AWS General Reference*.
1950
+ # *Amazon Web Services General Reference*.
1945
1951
  #
1946
1952
  # @option params [required, String] :resource_arn
1947
1953
  # The ARN of the resource with the tags to be listed.
@@ -1978,9 +1984,9 @@ module Aws::SSOAdmin
1978
1984
  # @option params [required, String] :instance_arn
1979
1985
  # The ARN of the IAM Identity Center instance under which the operation
1980
1986
  # will be executed. For more information about ARNs, see [Amazon
1981
- # Resource Names (ARNs) and AWS Service
1987
+ # Resource Names (ARNs) and Amazon Web Services Service
1982
1988
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1983
- # *AWS General Reference*.
1989
+ # *Amazon Web Services General Reference*.
1984
1990
  #
1985
1991
  # @option params [required, String] :resource_arn
1986
1992
  # The ARN of the resource with the tags to be listed.
@@ -2019,19 +2025,18 @@ module Aws::SSOAdmin
2019
2025
  # Control](/singlesignon/latest/userguide/abac.html) in the *IAM
2020
2026
  # Identity Center User Guide*.
2021
2027
  #
2028
+ # @option params [required, Types::InstanceAccessControlAttributeConfiguration] :instance_access_control_attribute_configuration
2029
+ # Updates the attributes for your ABAC configuration.
2030
+ #
2022
2031
  # @option params [required, String] :instance_arn
2023
2032
  # The ARN of the IAM Identity Center instance under which the operation
2024
2033
  # will be executed.
2025
2034
  #
2026
- # @option params [required, Types::InstanceAccessControlAttributeConfiguration] :instance_access_control_attribute_configuration
2027
- # Updates the attributes for your ABAC configuration.
2028
- #
2029
2035
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2030
2036
  #
2031
2037
  # @example Request syntax with placeholder values
2032
2038
  #
2033
2039
  # resp = client.update_instance_access_control_attribute_configuration({
2034
- # instance_arn: "InstanceArn", # required
2035
2040
  # instance_access_control_attribute_configuration: { # required
2036
2041
  # access_control_attributes: [ # required
2037
2042
  # {
@@ -2042,6 +2047,7 @@ module Aws::SSOAdmin
2042
2047
  # },
2043
2048
  # ],
2044
2049
  # },
2050
+ # instance_arn: "InstanceArn", # required
2045
2051
  # })
2046
2052
  #
2047
2053
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdateInstanceAccessControlAttributeConfiguration AWS API Documentation
@@ -2055,37 +2061,37 @@ module Aws::SSOAdmin
2055
2061
 
2056
2062
  # Updates an existing permission set.
2057
2063
  #
2064
+ # @option params [String] :description
2065
+ # The description of the PermissionSet.
2066
+ #
2058
2067
  # @option params [required, String] :instance_arn
2059
2068
  # The ARN of the IAM Identity Center instance under which the operation
2060
2069
  # will be executed. For more information about ARNs, see [Amazon
2061
- # Resource Names (ARNs) and AWS Service
2070
+ # Resource Names (ARNs) and Amazon Web Services Service
2062
2071
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
2063
- # *AWS General Reference*.
2072
+ # *Amazon Web Services General Reference*.
2064
2073
  #
2065
2074
  # @option params [required, String] :permission_set_arn
2066
2075
  # The ARN of the permission set.
2067
2076
  #
2068
- # @option params [String] :description
2069
- # The description of the PermissionSet.
2077
+ # @option params [String] :relay_state
2078
+ # Used to redirect users within the application during the federation
2079
+ # authentication process.
2070
2080
  #
2071
2081
  # @option params [String] :session_duration
2072
2082
  # The length of time that the application user sessions are valid for in
2073
2083
  # the ISO-8601 standard.
2074
2084
  #
2075
- # @option params [String] :relay_state
2076
- # Used to redirect users within the application during the federation
2077
- # authentication process.
2078
- #
2079
2085
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2080
2086
  #
2081
2087
  # @example Request syntax with placeholder values
2082
2088
  #
2083
2089
  # resp = client.update_permission_set({
2090
+ # description: "PermissionSetDescription",
2084
2091
  # instance_arn: "InstanceArn", # required
2085
2092
  # permission_set_arn: "PermissionSetArn", # required
2086
- # description: "PermissionSetDescription",
2087
- # session_duration: "Duration",
2088
2093
  # relay_state: "RelayState",
2094
+ # session_duration: "Duration",
2089
2095
  # })
2090
2096
  #
2091
2097
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdatePermissionSet AWS API Documentation
@@ -2110,7 +2116,7 @@ module Aws::SSOAdmin
2110
2116
  params: params,
2111
2117
  config: config)
2112
2118
  context[:gem_name] = 'aws-sdk-ssoadmin'
2113
- context[:gem_version] = '1.28.0'
2119
+ context[:gem_version] = '1.29.0'
2114
2120
  Seahorse::Client::Request.new(handlers, context)
2115
2121
  end
2116
2122