aws-sdk-ssoadmin 1.28.0 → 1.29.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-ssoadmin/client.rb +285 -279
- data/lib/aws-sdk-ssoadmin/client_api.rb +161 -161
- data/lib/aws-sdk-ssoadmin/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-ssoadmin/endpoint_provider.rb +29 -32
- data/lib/aws-sdk-ssoadmin/types.rb +422 -409
- data/lib/aws-sdk-ssoadmin.rb +1 -1
- metadata +2 -2
@@ -12,11 +12,11 @@ module Aws::SSOAdmin
|
|
12
12
|
|
13
13
|
# These are IAM Identity Center identity store attributes that you can
|
14
14
|
# configure for use in attributes-based access control (ABAC). You can
|
15
|
-
# create permissions policies that determine who can access your
|
16
|
-
# resources based upon the configured attribute values.
|
17
|
-
# ABAC and specify `AccessControlAttributes`, IAM
|
18
|
-
# the attribute values of the authenticated user
|
19
|
-
# policy evaluation.
|
15
|
+
# create permissions policies that determine who can access your Amazon
|
16
|
+
# Web Services resources based upon the configured attribute values.
|
17
|
+
# When you enable ABAC and specify `AccessControlAttributes`, IAM
|
18
|
+
# Identity Center passes the attribute values of the authenticated user
|
19
|
+
# into IAM for use in policy evaluation.
|
20
20
|
#
|
21
21
|
# @!attribute [rw] key
|
22
22
|
# The name of the attribute associated with your identities in your
|
@@ -73,7 +73,7 @@ module Aws::SSOAdmin
|
|
73
73
|
end
|
74
74
|
|
75
75
|
# The assignment that indicates a principal's limited access to a
|
76
|
-
# specified
|
76
|
+
# specified Amazon Web Services account with a specified permission set.
|
77
77
|
#
|
78
78
|
# <note markdown="1"> The term *principal* here refers to a user or group that is defined in
|
79
79
|
# IAM Identity Center.
|
@@ -81,18 +81,14 @@ module Aws::SSOAdmin
|
|
81
81
|
# </note>
|
82
82
|
#
|
83
83
|
# @!attribute [rw] account_id
|
84
|
-
# The identifier of the
|
84
|
+
# The identifier of the Amazon Web Services account.
|
85
85
|
# @return [String]
|
86
86
|
#
|
87
87
|
# @!attribute [rw] permission_set_arn
|
88
88
|
# The ARN of the permission set. For more information about ARNs, see
|
89
|
-
# [Amazon Resource Names (ARNs) and
|
89
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
90
90
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
91
|
-
# *
|
92
|
-
# @return [String]
|
93
|
-
#
|
94
|
-
# @!attribute [rw] principal_type
|
95
|
-
# The entity type for which the assignment will be created.
|
91
|
+
# *Amazon Web Services General Reference*.
|
96
92
|
# @return [String]
|
97
93
|
#
|
98
94
|
# @!attribute [rw] principal_id
|
@@ -104,13 +100,17 @@ module Aws::SSOAdmin
|
|
104
100
|
# Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
|
105
101
|
# @return [String]
|
106
102
|
#
|
103
|
+
# @!attribute [rw] principal_type
|
104
|
+
# The entity type for which the assignment will be created.
|
105
|
+
# @return [String]
|
106
|
+
#
|
107
107
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccountAssignment AWS API Documentation
|
108
108
|
#
|
109
109
|
class AccountAssignment < Struct.new(
|
110
110
|
:account_id,
|
111
111
|
:permission_set_arn,
|
112
|
-
:
|
113
|
-
:
|
112
|
+
:principal_id,
|
113
|
+
:principal_type)
|
114
114
|
SENSITIVE = []
|
115
115
|
include Aws::Structure
|
116
116
|
end
|
@@ -118,38 +118,20 @@ module Aws::SSOAdmin
|
|
118
118
|
# The status of the creation or deletion operation of an assignment that
|
119
119
|
# a principal needs to access an account.
|
120
120
|
#
|
121
|
-
# @!attribute [rw]
|
122
|
-
# The
|
123
|
-
# @return [
|
124
|
-
#
|
125
|
-
# @!attribute [rw] request_id
|
126
|
-
# The identifier for tracking the request operation that is generated
|
127
|
-
# by the universally unique identifier (UUID) workflow.
|
128
|
-
# @return [String]
|
121
|
+
# @!attribute [rw] created_date
|
122
|
+
# The date that the permission set was created.
|
123
|
+
# @return [Time]
|
129
124
|
#
|
130
125
|
# @!attribute [rw] failure_reason
|
131
126
|
# The message that contains an error or exception in case of an
|
132
127
|
# operation failure.
|
133
128
|
# @return [String]
|
134
129
|
#
|
135
|
-
# @!attribute [rw] target_id
|
136
|
-
# TargetID is an AWS account identifier, typically a 10-12 digit
|
137
|
-
# string (For example, 123456789012).
|
138
|
-
# @return [String]
|
139
|
-
#
|
140
|
-
# @!attribute [rw] target_type
|
141
|
-
# The entity type for which the assignment will be created.
|
142
|
-
# @return [String]
|
143
|
-
#
|
144
130
|
# @!attribute [rw] permission_set_arn
|
145
131
|
# The ARN of the permission set. For more information about ARNs, see
|
146
|
-
# [Amazon Resource Names (ARNs) and
|
132
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
147
133
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
148
|
-
# *
|
149
|
-
# @return [String]
|
150
|
-
#
|
151
|
-
# @!attribute [rw] principal_type
|
152
|
-
# The entity type for which the assignment will be created.
|
134
|
+
# *Amazon Web Services General Reference*.
|
153
135
|
# @return [String]
|
154
136
|
#
|
155
137
|
# @!attribute [rw] principal_id
|
@@ -161,51 +143,75 @@ module Aws::SSOAdmin
|
|
161
143
|
# Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
|
162
144
|
# @return [String]
|
163
145
|
#
|
164
|
-
# @!attribute [rw]
|
165
|
-
# The
|
166
|
-
# @return [
|
146
|
+
# @!attribute [rw] principal_type
|
147
|
+
# The entity type for which the assignment will be created.
|
148
|
+
# @return [String]
|
149
|
+
#
|
150
|
+
# @!attribute [rw] request_id
|
151
|
+
# The identifier for tracking the request operation that is generated
|
152
|
+
# by the universally unique identifier (UUID) workflow.
|
153
|
+
# @return [String]
|
154
|
+
#
|
155
|
+
# @!attribute [rw] status
|
156
|
+
# The status of the permission set provisioning process.
|
157
|
+
# @return [String]
|
158
|
+
#
|
159
|
+
# @!attribute [rw] target_id
|
160
|
+
# TargetID is an Amazon Web Services account identifier, (For example,
|
161
|
+
# 123456789012).
|
162
|
+
# @return [String]
|
163
|
+
#
|
164
|
+
# @!attribute [rw] target_type
|
165
|
+
# The entity type for which the assignment will be created.
|
166
|
+
# @return [String]
|
167
167
|
#
|
168
168
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccountAssignmentOperationStatus AWS API Documentation
|
169
169
|
#
|
170
170
|
class AccountAssignmentOperationStatus < Struct.new(
|
171
|
-
:
|
172
|
-
:request_id,
|
171
|
+
:created_date,
|
173
172
|
:failure_reason,
|
174
|
-
:target_id,
|
175
|
-
:target_type,
|
176
173
|
:permission_set_arn,
|
177
|
-
:principal_type,
|
178
174
|
:principal_id,
|
179
|
-
:
|
175
|
+
:principal_type,
|
176
|
+
:request_id,
|
177
|
+
:status,
|
178
|
+
:target_id,
|
179
|
+
:target_type)
|
180
180
|
SENSITIVE = []
|
181
181
|
include Aws::Structure
|
182
182
|
end
|
183
183
|
|
184
184
|
# Provides information about the AccountAssignment creation request.
|
185
185
|
#
|
186
|
-
# @!attribute [rw]
|
187
|
-
# The
|
188
|
-
# @return [
|
186
|
+
# @!attribute [rw] created_date
|
187
|
+
# The date that the permission set was created.
|
188
|
+
# @return [Time]
|
189
189
|
#
|
190
190
|
# @!attribute [rw] request_id
|
191
191
|
# The identifier for tracking the request operation that is generated
|
192
192
|
# by the universally unique identifier (UUID) workflow.
|
193
193
|
# @return [String]
|
194
194
|
#
|
195
|
-
# @!attribute [rw]
|
196
|
-
# The
|
197
|
-
# @return [
|
195
|
+
# @!attribute [rw] status
|
196
|
+
# The status of the permission set provisioning process.
|
197
|
+
# @return [String]
|
198
198
|
#
|
199
199
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccountAssignmentOperationStatusMetadata AWS API Documentation
|
200
200
|
#
|
201
201
|
class AccountAssignmentOperationStatusMetadata < Struct.new(
|
202
|
-
:
|
202
|
+
:created_date,
|
203
203
|
:request_id,
|
204
|
-
:
|
204
|
+
:status)
|
205
205
|
SENSITIVE = []
|
206
206
|
include Aws::Structure
|
207
207
|
end
|
208
208
|
|
209
|
+
# @!attribute [rw] customer_managed_policy_reference
|
210
|
+
# Specifies the name and path of a customer managed policy. You must
|
211
|
+
# have an IAM policy that matches the name and path in each Amazon Web
|
212
|
+
# Services account where you want to deploy your permission set.
|
213
|
+
# @return [Types::CustomerManagedPolicyReference]
|
214
|
+
#
|
209
215
|
# @!attribute [rw] instance_arn
|
210
216
|
# The ARN of the IAM Identity Center instance under which the
|
211
217
|
# operation will be executed.
|
@@ -215,18 +221,12 @@ module Aws::SSOAdmin
|
|
215
221
|
# The ARN of the `PermissionSet`.
|
216
222
|
# @return [String]
|
217
223
|
#
|
218
|
-
# @!attribute [rw] customer_managed_policy_reference
|
219
|
-
# Specifies the name and path of a customer managed policy. You must
|
220
|
-
# have an IAM policy that matches the name and path in each AWS
|
221
|
-
# account where you want to deploy your permission set.
|
222
|
-
# @return [Types::CustomerManagedPolicyReference]
|
223
|
-
#
|
224
224
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachCustomerManagedPolicyReferenceToPermissionSetRequest AWS API Documentation
|
225
225
|
#
|
226
226
|
class AttachCustomerManagedPolicyReferenceToPermissionSetRequest < Struct.new(
|
227
|
+
:customer_managed_policy_reference,
|
227
228
|
:instance_arn,
|
228
|
-
:permission_set_arn
|
229
|
-
:customer_managed_policy_reference)
|
229
|
+
:permission_set_arn)
|
230
230
|
SENSITIVE = []
|
231
231
|
include Aws::Structure
|
232
232
|
end
|
@@ -238,9 +238,14 @@ module Aws::SSOAdmin
|
|
238
238
|
# @!attribute [rw] instance_arn
|
239
239
|
# The ARN of the IAM Identity Center instance under which the
|
240
240
|
# operation will be executed. For more information about ARNs, see
|
241
|
-
# [Amazon Resource Names (ARNs) and
|
241
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
242
242
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
243
|
-
# *
|
243
|
+
# *Amazon Web Services General Reference*.
|
244
|
+
# @return [String]
|
245
|
+
#
|
246
|
+
# @!attribute [rw] managed_policy_arn
|
247
|
+
# The Amazon Web Services managed policy ARN to be attached to a
|
248
|
+
# permission set.
|
244
249
|
# @return [String]
|
245
250
|
#
|
246
251
|
# @!attribute [rw] permission_set_arn
|
@@ -248,16 +253,12 @@ module Aws::SSOAdmin
|
|
248
253
|
# attached to.
|
249
254
|
# @return [String]
|
250
255
|
#
|
251
|
-
# @!attribute [rw] managed_policy_arn
|
252
|
-
# The AWS managed policy ARN to be attached to a permission set.
|
253
|
-
# @return [String]
|
254
|
-
#
|
255
256
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachManagedPolicyToPermissionSetRequest AWS API Documentation
|
256
257
|
#
|
257
258
|
class AttachManagedPolicyToPermissionSetRequest < Struct.new(
|
258
259
|
:instance_arn,
|
259
|
-
:
|
260
|
-
:
|
260
|
+
:managed_policy_arn,
|
261
|
+
:permission_set_arn)
|
261
262
|
SENSITIVE = []
|
262
263
|
include Aws::Structure
|
263
264
|
end
|
@@ -266,24 +267,26 @@ module Aws::SSOAdmin
|
|
266
267
|
#
|
267
268
|
class AttachManagedPolicyToPermissionSetResponse < Aws::EmptyStructure; end
|
268
269
|
|
269
|
-
# A structure that stores the details of the
|
270
|
-
#
|
271
|
-
# @!attribute [rw] name
|
272
|
-
# The name of the AWS managed policy.
|
273
|
-
# @return [String]
|
270
|
+
# A structure that stores the details of the Amazon Web Services managed
|
271
|
+
# policy.
|
274
272
|
#
|
275
273
|
# @!attribute [rw] arn
|
276
|
-
# The ARN of the
|
277
|
-
# see [Amazon Resource Names (ARNs) and
|
274
|
+
# The ARN of the Amazon Web Services managed policy. For more
|
275
|
+
# information about ARNs, see [Amazon Resource Names (ARNs) and Amazon
|
276
|
+
# Web Services Service
|
278
277
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
279
|
-
# *
|
278
|
+
# *Amazon Web Services General Reference*.
|
279
|
+
# @return [String]
|
280
|
+
#
|
281
|
+
# @!attribute [rw] name
|
282
|
+
# The name of the Amazon Web Services managed policy.
|
280
283
|
# @return [String]
|
281
284
|
#
|
282
285
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachedManagedPolicy AWS API Documentation
|
283
286
|
#
|
284
287
|
class AttachedManagedPolicy < Struct.new(
|
285
|
-
:
|
286
|
-
:
|
288
|
+
:arn,
|
289
|
+
:name)
|
287
290
|
SENSITIVE = []
|
288
291
|
include Aws::Structure
|
289
292
|
end
|
@@ -308,18 +311,9 @@ module Aws::SSOAdmin
|
|
308
311
|
# @!attribute [rw] instance_arn
|
309
312
|
# The ARN of the IAM Identity Center instance under which the
|
310
313
|
# operation will be executed. For more information about ARNs, see
|
311
|
-
# [Amazon Resource Names (ARNs) and
|
314
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
312
315
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
313
|
-
# *
|
314
|
-
# @return [String]
|
315
|
-
#
|
316
|
-
# @!attribute [rw] target_id
|
317
|
-
# TargetID is an AWS account identifier, typically a 10-12 digit
|
318
|
-
# string (For example, 123456789012).
|
319
|
-
# @return [String]
|
320
|
-
#
|
321
|
-
# @!attribute [rw] target_type
|
322
|
-
# The entity type for which the assignment will be created.
|
316
|
+
# *Amazon Web Services General Reference*.
|
323
317
|
# @return [String]
|
324
318
|
#
|
325
319
|
# @!attribute [rw] permission_set_arn
|
@@ -327,10 +321,6 @@ module Aws::SSOAdmin
|
|
327
321
|
# principal access to.
|
328
322
|
# @return [String]
|
329
323
|
#
|
330
|
-
# @!attribute [rw] principal_type
|
331
|
-
# The entity type for which the assignment will be created.
|
332
|
-
# @return [String]
|
333
|
-
#
|
334
324
|
# @!attribute [rw] principal_id
|
335
325
|
# An identifier for an object in IAM Identity Center, such as a user
|
336
326
|
# or group. PrincipalIds are GUIDs (For example,
|
@@ -340,15 +330,28 @@ module Aws::SSOAdmin
|
|
340
330
|
# Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
|
341
331
|
# @return [String]
|
342
332
|
#
|
333
|
+
# @!attribute [rw] principal_type
|
334
|
+
# The entity type for which the assignment will be created.
|
335
|
+
# @return [String]
|
336
|
+
#
|
337
|
+
# @!attribute [rw] target_id
|
338
|
+
# TargetID is an Amazon Web Services account identifier, (For example,
|
339
|
+
# 123456789012).
|
340
|
+
# @return [String]
|
341
|
+
#
|
342
|
+
# @!attribute [rw] target_type
|
343
|
+
# The entity type for which the assignment will be created.
|
344
|
+
# @return [String]
|
345
|
+
#
|
343
346
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateAccountAssignmentRequest AWS API Documentation
|
344
347
|
#
|
345
348
|
class CreateAccountAssignmentRequest < Struct.new(
|
346
349
|
:instance_arn,
|
347
|
-
:target_id,
|
348
|
-
:target_type,
|
349
350
|
:permission_set_arn,
|
351
|
+
:principal_id,
|
350
352
|
:principal_type,
|
351
|
-
:
|
353
|
+
:target_id,
|
354
|
+
:target_type)
|
352
355
|
SENSITIVE = []
|
353
356
|
include Aws::Structure
|
354
357
|
end
|
@@ -365,11 +368,6 @@ module Aws::SSOAdmin
|
|
365
368
|
include Aws::Structure
|
366
369
|
end
|
367
370
|
|
368
|
-
# @!attribute [rw] instance_arn
|
369
|
-
# The ARN of the IAM Identity Center instance under which the
|
370
|
-
# operation will be executed.
|
371
|
-
# @return [String]
|
372
|
-
#
|
373
371
|
# @!attribute [rw] instance_access_control_attribute_configuration
|
374
372
|
# Specifies the IAM Identity Center identity store attributes to add
|
375
373
|
# to your ABAC configuration. When using an external identity provider
|
@@ -381,11 +379,16 @@ module Aws::SSOAdmin
|
|
381
379
|
# Center identity store.
|
382
380
|
# @return [Types::InstanceAccessControlAttributeConfiguration]
|
383
381
|
#
|
382
|
+
# @!attribute [rw] instance_arn
|
383
|
+
# The ARN of the IAM Identity Center instance under which the
|
384
|
+
# operation will be executed.
|
385
|
+
# @return [String]
|
386
|
+
#
|
384
387
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
|
385
388
|
#
|
386
389
|
class CreateInstanceAccessControlAttributeConfigurationRequest < Struct.new(
|
387
|
-
:
|
388
|
-
:
|
390
|
+
:instance_access_control_attribute_configuration,
|
391
|
+
:instance_arn)
|
389
392
|
SENSITIVE = []
|
390
393
|
include Aws::Structure
|
391
394
|
end
|
@@ -394,10 +397,6 @@ module Aws::SSOAdmin
|
|
394
397
|
#
|
395
398
|
class CreateInstanceAccessControlAttributeConfigurationResponse < Aws::EmptyStructure; end
|
396
399
|
|
397
|
-
# @!attribute [rw] name
|
398
|
-
# The name of the PermissionSet.
|
399
|
-
# @return [String]
|
400
|
-
#
|
401
400
|
# @!attribute [rw] description
|
402
401
|
# The description of the PermissionSet.
|
403
402
|
# @return [String]
|
@@ -405,14 +404,13 @@ module Aws::SSOAdmin
|
|
405
404
|
# @!attribute [rw] instance_arn
|
406
405
|
# The ARN of the IAM Identity Center instance under which the
|
407
406
|
# operation will be executed. For more information about ARNs, see
|
408
|
-
# [Amazon Resource Names (ARNs) and
|
407
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
409
408
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
410
|
-
# *
|
409
|
+
# *Amazon Web Services General Reference*.
|
411
410
|
# @return [String]
|
412
411
|
#
|
413
|
-
# @!attribute [rw]
|
414
|
-
# The
|
415
|
-
# the ISO-8601 standard.
|
412
|
+
# @!attribute [rw] name
|
413
|
+
# The name of the PermissionSet.
|
416
414
|
# @return [String]
|
417
415
|
#
|
418
416
|
# @!attribute [rw] relay_state
|
@@ -420,6 +418,11 @@ module Aws::SSOAdmin
|
|
420
418
|
# authentication process.
|
421
419
|
# @return [String]
|
422
420
|
#
|
421
|
+
# @!attribute [rw] session_duration
|
422
|
+
# The length of time that the application user sessions are valid in
|
423
|
+
# the ISO-8601 standard.
|
424
|
+
# @return [String]
|
425
|
+
#
|
423
426
|
# @!attribute [rw] tags
|
424
427
|
# The tags to attach to the new PermissionSet.
|
425
428
|
# @return [Array<Types::Tag>]
|
@@ -427,18 +430,18 @@ module Aws::SSOAdmin
|
|
427
430
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreatePermissionSetRequest AWS API Documentation
|
428
431
|
#
|
429
432
|
class CreatePermissionSetRequest < Struct.new(
|
430
|
-
:name,
|
431
433
|
:description,
|
432
434
|
:instance_arn,
|
433
|
-
:
|
435
|
+
:name,
|
434
436
|
:relay_state,
|
437
|
+
:session_duration,
|
435
438
|
:tags)
|
436
439
|
SENSITIVE = []
|
437
440
|
include Aws::Structure
|
438
441
|
end
|
439
442
|
|
440
443
|
# @!attribute [rw] permission_set
|
441
|
-
# Defines the level of access on an
|
444
|
+
# Defines the level of access on an Amazon Web Services account.
|
442
445
|
# @return [Types::PermissionSet]
|
443
446
|
#
|
444
447
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreatePermissionSetResponse AWS API Documentation
|
@@ -450,8 +453,8 @@ module Aws::SSOAdmin
|
|
450
453
|
end
|
451
454
|
|
452
455
|
# Specifies the name and path of a customer managed policy. You must
|
453
|
-
# have an IAM policy that matches the name and path in each
|
454
|
-
# where you want to deploy your permission set.
|
456
|
+
# have an IAM policy that matches the name and path in each Amazon Web
|
457
|
+
# Services account where you want to deploy your permission set.
|
455
458
|
#
|
456
459
|
# @!attribute [rw] name
|
457
460
|
# The name of the IAM policy that you have configured in each account
|
@@ -481,28 +484,15 @@ module Aws::SSOAdmin
|
|
481
484
|
# @!attribute [rw] instance_arn
|
482
485
|
# The ARN of the IAM Identity Center instance under which the
|
483
486
|
# operation will be executed. For more information about ARNs, see
|
484
|
-
# [Amazon Resource Names (ARNs) and
|
487
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
485
488
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
486
|
-
# *
|
487
|
-
# @return [String]
|
488
|
-
#
|
489
|
-
# @!attribute [rw] target_id
|
490
|
-
# TargetID is an AWS account identifier, typically a 10-12 digit
|
491
|
-
# string (For example, 123456789012).
|
492
|
-
# @return [String]
|
493
|
-
#
|
494
|
-
# @!attribute [rw] target_type
|
495
|
-
# The entity type for which the assignment will be deleted.
|
489
|
+
# *Amazon Web Services General Reference*.
|
496
490
|
# @return [String]
|
497
491
|
#
|
498
492
|
# @!attribute [rw] permission_set_arn
|
499
493
|
# The ARN of the permission set that will be used to remove access.
|
500
494
|
# @return [String]
|
501
495
|
#
|
502
|
-
# @!attribute [rw] principal_type
|
503
|
-
# The entity type for which the assignment will be deleted.
|
504
|
-
# @return [String]
|
505
|
-
#
|
506
496
|
# @!attribute [rw] principal_id
|
507
497
|
# An identifier for an object in IAM Identity Center, such as a user
|
508
498
|
# or group. PrincipalIds are GUIDs (For example,
|
@@ -512,15 +502,28 @@ module Aws::SSOAdmin
|
|
512
502
|
# Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
|
513
503
|
# @return [String]
|
514
504
|
#
|
505
|
+
# @!attribute [rw] principal_type
|
506
|
+
# The entity type for which the assignment will be deleted.
|
507
|
+
# @return [String]
|
508
|
+
#
|
509
|
+
# @!attribute [rw] target_id
|
510
|
+
# TargetID is an Amazon Web Services account identifier, (For example,
|
511
|
+
# 123456789012).
|
512
|
+
# @return [String]
|
513
|
+
#
|
514
|
+
# @!attribute [rw] target_type
|
515
|
+
# The entity type for which the assignment will be deleted.
|
516
|
+
# @return [String]
|
517
|
+
#
|
515
518
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteAccountAssignmentRequest AWS API Documentation
|
516
519
|
#
|
517
520
|
class DeleteAccountAssignmentRequest < Struct.new(
|
518
521
|
:instance_arn,
|
519
|
-
:target_id,
|
520
|
-
:target_type,
|
521
522
|
:permission_set_arn,
|
523
|
+
:principal_id,
|
522
524
|
:principal_type,
|
523
|
-
:
|
525
|
+
:target_id,
|
526
|
+
:target_type)
|
524
527
|
SENSITIVE = []
|
525
528
|
include Aws::Structure
|
526
529
|
end
|
@@ -540,9 +543,9 @@ module Aws::SSOAdmin
|
|
540
543
|
# @!attribute [rw] instance_arn
|
541
544
|
# The ARN of the IAM Identity Center instance under which the
|
542
545
|
# operation will be executed. For more information about ARNs, see
|
543
|
-
# [Amazon Resource Names (ARNs) and
|
546
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
544
547
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
545
|
-
# *
|
548
|
+
# *Amazon Web Services General Reference*.
|
546
549
|
# @return [String]
|
547
550
|
#
|
548
551
|
# @!attribute [rw] permission_set_arn
|
@@ -582,9 +585,9 @@ module Aws::SSOAdmin
|
|
582
585
|
# @!attribute [rw] instance_arn
|
583
586
|
# The ARN of the IAM Identity Center instance under which the
|
584
587
|
# operation will be executed. For more information about ARNs, see
|
585
|
-
# [Amazon Resource Names (ARNs) and
|
588
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
586
589
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
587
|
-
# *
|
590
|
+
# *Amazon Web Services General Reference*.
|
588
591
|
# @return [String]
|
589
592
|
#
|
590
593
|
# @!attribute [rw] permission_set_arn
|
@@ -626,23 +629,23 @@ module Aws::SSOAdmin
|
|
626
629
|
#
|
627
630
|
class DeletePermissionsBoundaryFromPermissionSetResponse < Aws::EmptyStructure; end
|
628
631
|
|
632
|
+
# @!attribute [rw] account_assignment_creation_request_id
|
633
|
+
# The identifier that is used to track the request operation progress.
|
634
|
+
# @return [String]
|
635
|
+
#
|
629
636
|
# @!attribute [rw] instance_arn
|
630
637
|
# The ARN of the IAM Identity Center instance under which the
|
631
638
|
# operation will be executed. For more information about ARNs, see
|
632
|
-
# [Amazon Resource Names (ARNs) and
|
639
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
633
640
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
634
|
-
# *
|
635
|
-
# @return [String]
|
636
|
-
#
|
637
|
-
# @!attribute [rw] account_assignment_creation_request_id
|
638
|
-
# The identifier that is used to track the request operation progress.
|
641
|
+
# *Amazon Web Services General Reference*.
|
639
642
|
# @return [String]
|
640
643
|
#
|
641
644
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentCreationStatusRequest AWS API Documentation
|
642
645
|
#
|
643
646
|
class DescribeAccountAssignmentCreationStatusRequest < Struct.new(
|
644
|
-
:
|
645
|
-
:
|
647
|
+
:account_assignment_creation_request_id,
|
648
|
+
:instance_arn)
|
646
649
|
SENSITIVE = []
|
647
650
|
include Aws::Structure
|
648
651
|
end
|
@@ -659,23 +662,23 @@ module Aws::SSOAdmin
|
|
659
662
|
include Aws::Structure
|
660
663
|
end
|
661
664
|
|
665
|
+
# @!attribute [rw] account_assignment_deletion_request_id
|
666
|
+
# The identifier that is used to track the request operation progress.
|
667
|
+
# @return [String]
|
668
|
+
#
|
662
669
|
# @!attribute [rw] instance_arn
|
663
670
|
# The ARN of the IAM Identity Center instance under which the
|
664
671
|
# operation will be executed. For more information about ARNs, see
|
665
|
-
# [Amazon Resource Names (ARNs) and
|
672
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
666
673
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
667
|
-
# *
|
668
|
-
# @return [String]
|
669
|
-
#
|
670
|
-
# @!attribute [rw] account_assignment_deletion_request_id
|
671
|
-
# The identifier that is used to track the request operation progress.
|
674
|
+
# *Amazon Web Services General Reference*.
|
672
675
|
# @return [String]
|
673
676
|
#
|
674
677
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentDeletionStatusRequest AWS API Documentation
|
675
678
|
#
|
676
679
|
class DescribeAccountAssignmentDeletionStatusRequest < Struct.new(
|
677
|
-
:
|
678
|
-
:
|
680
|
+
:account_assignment_deletion_request_id,
|
681
|
+
:instance_arn)
|
679
682
|
SENSITIVE = []
|
680
683
|
include Aws::Structure
|
681
684
|
end
|
@@ -705,6 +708,11 @@ module Aws::SSOAdmin
|
|
705
708
|
include Aws::Structure
|
706
709
|
end
|
707
710
|
|
711
|
+
# @!attribute [rw] instance_access_control_attribute_configuration
|
712
|
+
# Gets the list of IAM Identity Center identity store attributes that
|
713
|
+
# have been added to your ABAC configuration.
|
714
|
+
# @return [Types::InstanceAccessControlAttributeConfiguration]
|
715
|
+
#
|
708
716
|
# @!attribute [rw] status
|
709
717
|
# The status of the attribute configuration process.
|
710
718
|
# @return [String]
|
@@ -714,17 +722,12 @@ module Aws::SSOAdmin
|
|
714
722
|
# attribute.
|
715
723
|
# @return [String]
|
716
724
|
#
|
717
|
-
# @!attribute [rw] instance_access_control_attribute_configuration
|
718
|
-
# Gets the list of IAM Identity Center identity store attributes that
|
719
|
-
# have been added to your ABAC configuration.
|
720
|
-
# @return [Types::InstanceAccessControlAttributeConfiguration]
|
721
|
-
#
|
722
725
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeInstanceAccessControlAttributeConfigurationResponse AWS API Documentation
|
723
726
|
#
|
724
727
|
class DescribeInstanceAccessControlAttributeConfigurationResponse < Struct.new(
|
728
|
+
:instance_access_control_attribute_configuration,
|
725
729
|
:status,
|
726
|
-
:status_reason
|
727
|
-
:instance_access_control_attribute_configuration)
|
730
|
+
:status_reason)
|
728
731
|
SENSITIVE = []
|
729
732
|
include Aws::Structure
|
730
733
|
end
|
@@ -732,9 +735,9 @@ module Aws::SSOAdmin
|
|
732
735
|
# @!attribute [rw] instance_arn
|
733
736
|
# The ARN of the IAM Identity Center instance under which the
|
734
737
|
# operation will be executed. For more information about ARNs, see
|
735
|
-
# [Amazon Resource Names (ARNs) and
|
738
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
736
739
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
737
|
-
# *
|
740
|
+
# *Amazon Web Services General Reference*.
|
738
741
|
# @return [String]
|
739
742
|
#
|
740
743
|
# @!attribute [rw] provision_permission_set_request_id
|
@@ -766,9 +769,9 @@ module Aws::SSOAdmin
|
|
766
769
|
# @!attribute [rw] instance_arn
|
767
770
|
# The ARN of the IAM Identity Center instance under which the
|
768
771
|
# operation will be executed. For more information about ARNs, see
|
769
|
-
# [Amazon Resource Names (ARNs) and
|
772
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
770
773
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
771
|
-
# *
|
774
|
+
# *Amazon Web Services General Reference*.
|
772
775
|
# @return [String]
|
773
776
|
#
|
774
777
|
# @!attribute [rw] permission_set_arn
|
@@ -785,7 +788,7 @@ module Aws::SSOAdmin
|
|
785
788
|
end
|
786
789
|
|
787
790
|
# @!attribute [rw] permission_set
|
788
|
-
# Describes the level of access on an
|
791
|
+
# Describes the level of access on an Amazon Web Services account.
|
789
792
|
# @return [Types::PermissionSet]
|
790
793
|
#
|
791
794
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSetResponse AWS API Documentation
|
@@ -796,6 +799,12 @@ module Aws::SSOAdmin
|
|
796
799
|
include Aws::Structure
|
797
800
|
end
|
798
801
|
|
802
|
+
# @!attribute [rw] customer_managed_policy_reference
|
803
|
+
# Specifies the name and path of a customer managed policy. You must
|
804
|
+
# have an IAM policy that matches the name and path in each Amazon Web
|
805
|
+
# Services account where you want to deploy your permission set.
|
806
|
+
# @return [Types::CustomerManagedPolicyReference]
|
807
|
+
#
|
799
808
|
# @!attribute [rw] instance_arn
|
800
809
|
# The ARN of the IAM Identity Center instance under which the
|
801
810
|
# operation will be executed.
|
@@ -805,18 +814,12 @@ module Aws::SSOAdmin
|
|
805
814
|
# The ARN of the `PermissionSet`.
|
806
815
|
# @return [String]
|
807
816
|
#
|
808
|
-
# @!attribute [rw] customer_managed_policy_reference
|
809
|
-
# Specifies the name and path of a customer managed policy. You must
|
810
|
-
# have an IAM policy that matches the name and path in each AWS
|
811
|
-
# account where you want to deploy your permission set.
|
812
|
-
# @return [Types::CustomerManagedPolicyReference]
|
813
|
-
#
|
814
817
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachCustomerManagedPolicyReferenceFromPermissionSetRequest AWS API Documentation
|
815
818
|
#
|
816
819
|
class DetachCustomerManagedPolicyReferenceFromPermissionSetRequest < Struct.new(
|
820
|
+
:customer_managed_policy_reference,
|
817
821
|
:instance_arn,
|
818
|
-
:permission_set_arn
|
819
|
-
:customer_managed_policy_reference)
|
822
|
+
:permission_set_arn)
|
820
823
|
SENSITIVE = []
|
821
824
|
include Aws::Structure
|
822
825
|
end
|
@@ -828,9 +831,14 @@ module Aws::SSOAdmin
|
|
828
831
|
# @!attribute [rw] instance_arn
|
829
832
|
# The ARN of the IAM Identity Center instance under which the
|
830
833
|
# operation will be executed. For more information about ARNs, see
|
831
|
-
# [Amazon Resource Names (ARNs) and
|
834
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
832
835
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
833
|
-
# *
|
836
|
+
# *Amazon Web Services General Reference*.
|
837
|
+
# @return [String]
|
838
|
+
#
|
839
|
+
# @!attribute [rw] managed_policy_arn
|
840
|
+
# The Amazon Web Services managed policy ARN to be detached from a
|
841
|
+
# permission set.
|
834
842
|
# @return [String]
|
835
843
|
#
|
836
844
|
# @!attribute [rw] permission_set_arn
|
@@ -838,16 +846,12 @@ module Aws::SSOAdmin
|
|
838
846
|
# detached.
|
839
847
|
# @return [String]
|
840
848
|
#
|
841
|
-
# @!attribute [rw] managed_policy_arn
|
842
|
-
# The AWS managed policy ARN to be detached from a permission set.
|
843
|
-
# @return [String]
|
844
|
-
#
|
845
849
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachManagedPolicyFromPermissionSetRequest AWS API Documentation
|
846
850
|
#
|
847
851
|
class DetachManagedPolicyFromPermissionSetRequest < Struct.new(
|
848
852
|
:instance_arn,
|
849
|
-
:
|
850
|
-
:
|
853
|
+
:managed_policy_arn,
|
854
|
+
:permission_set_arn)
|
851
855
|
SENSITIVE = []
|
852
856
|
include Aws::Structure
|
853
857
|
end
|
@@ -859,9 +863,9 @@ module Aws::SSOAdmin
|
|
859
863
|
# @!attribute [rw] instance_arn
|
860
864
|
# The ARN of the IAM Identity Center instance under which the
|
861
865
|
# operation will be executed. For more information about ARNs, see
|
862
|
-
# [Amazon Resource Names (ARNs) and
|
866
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
863
867
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
864
|
-
# *
|
868
|
+
# *Amazon Web Services General Reference*.
|
865
869
|
# @return [String]
|
866
870
|
#
|
867
871
|
# @!attribute [rw] permission_set_arn
|
@@ -879,6 +883,12 @@ module Aws::SSOAdmin
|
|
879
883
|
|
880
884
|
# @!attribute [rw] inline_policy
|
881
885
|
# The inline policy that is attached to the permission set.
|
886
|
+
#
|
887
|
+
# <note markdown="1"> For `Length Constraints`, if a valid ARN is provided for a
|
888
|
+
# permission set, it is possible for an empty inline policy to be
|
889
|
+
# returned.
|
890
|
+
#
|
891
|
+
# </note>
|
882
892
|
# @return [String]
|
883
893
|
#
|
884
894
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/GetInlinePolicyForPermissionSetResponse AWS API Documentation
|
@@ -937,24 +947,24 @@ module Aws::SSOAdmin
|
|
937
947
|
|
938
948
|
# Provides information about the IAM Identity Center instance.
|
939
949
|
#
|
950
|
+
# @!attribute [rw] identity_store_id
|
951
|
+
# The identifier of the identity store that is connected to the IAM
|
952
|
+
# Identity Center instance.
|
953
|
+
# @return [String]
|
954
|
+
#
|
940
955
|
# @!attribute [rw] instance_arn
|
941
956
|
# The ARN of the IAM Identity Center instance under which the
|
942
957
|
# operation will be executed. For more information about ARNs, see
|
943
|
-
# [Amazon Resource Names (ARNs) and
|
958
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
944
959
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
945
|
-
# *
|
946
|
-
# @return [String]
|
947
|
-
#
|
948
|
-
# @!attribute [rw] identity_store_id
|
949
|
-
# The identifier of the identity store that is connected to the IAM
|
950
|
-
# Identity Center instance.
|
960
|
+
# *Amazon Web Services General Reference*.
|
951
961
|
# @return [String]
|
952
962
|
#
|
953
963
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/InstanceMetadata AWS API Documentation
|
954
964
|
#
|
955
965
|
class InstanceMetadata < Struct.new(
|
956
|
-
:
|
957
|
-
:
|
966
|
+
:identity_store_id,
|
967
|
+
:instance_arn)
|
958
968
|
SENSITIVE = []
|
959
969
|
include Aws::Structure
|
960
970
|
end
|
@@ -973,12 +983,16 @@ module Aws::SSOAdmin
|
|
973
983
|
include Aws::Structure
|
974
984
|
end
|
975
985
|
|
986
|
+
# @!attribute [rw] filter
|
987
|
+
# Filters results based on the passed attribute value.
|
988
|
+
# @return [Types::OperationStatusFilter]
|
989
|
+
#
|
976
990
|
# @!attribute [rw] instance_arn
|
977
991
|
# The ARN of the IAM Identity Center instance under which the
|
978
992
|
# operation will be executed. For more information about ARNs, see
|
979
|
-
# [Amazon Resource Names (ARNs) and
|
993
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
980
994
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
981
|
-
# *
|
995
|
+
# *Amazon Web Services General Reference*.
|
982
996
|
# @return [String]
|
983
997
|
#
|
984
998
|
# @!attribute [rw] max_results
|
@@ -990,17 +1004,13 @@ module Aws::SSOAdmin
|
|
990
1004
|
# Use the output of previous API calls to make subsequent calls.
|
991
1005
|
# @return [String]
|
992
1006
|
#
|
993
|
-
# @!attribute [rw] filter
|
994
|
-
# Filters results based on the passed attribute value.
|
995
|
-
# @return [Types::OperationStatusFilter]
|
996
|
-
#
|
997
1007
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentCreationStatusRequest AWS API Documentation
|
998
1008
|
#
|
999
1009
|
class ListAccountAssignmentCreationStatusRequest < Struct.new(
|
1010
|
+
:filter,
|
1000
1011
|
:instance_arn,
|
1001
1012
|
:max_results,
|
1002
|
-
:next_token
|
1003
|
-
:filter)
|
1013
|
+
:next_token)
|
1004
1014
|
SENSITIVE = []
|
1005
1015
|
include Aws::Structure
|
1006
1016
|
end
|
@@ -1023,12 +1033,16 @@ module Aws::SSOAdmin
|
|
1023
1033
|
include Aws::Structure
|
1024
1034
|
end
|
1025
1035
|
|
1036
|
+
# @!attribute [rw] filter
|
1037
|
+
# Filters results based on the passed attribute value.
|
1038
|
+
# @return [Types::OperationStatusFilter]
|
1039
|
+
#
|
1026
1040
|
# @!attribute [rw] instance_arn
|
1027
1041
|
# The ARN of the IAM Identity Center instance under which the
|
1028
1042
|
# operation will be executed. For more information about ARNs, see
|
1029
|
-
# [Amazon Resource Names (ARNs) and
|
1043
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1030
1044
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1031
|
-
# *
|
1045
|
+
# *Amazon Web Services General Reference*.
|
1032
1046
|
# @return [String]
|
1033
1047
|
#
|
1034
1048
|
# @!attribute [rw] max_results
|
@@ -1040,17 +1054,13 @@ module Aws::SSOAdmin
|
|
1040
1054
|
# Use the output of previous API calls to make subsequent calls.
|
1041
1055
|
# @return [String]
|
1042
1056
|
#
|
1043
|
-
# @!attribute [rw] filter
|
1044
|
-
# Filters results based on the passed attribute value.
|
1045
|
-
# @return [Types::OperationStatusFilter]
|
1046
|
-
#
|
1047
1057
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentDeletionStatusRequest AWS API Documentation
|
1048
1058
|
#
|
1049
1059
|
class ListAccountAssignmentDeletionStatusRequest < Struct.new(
|
1060
|
+
:filter,
|
1050
1061
|
:instance_arn,
|
1051
1062
|
:max_results,
|
1052
|
-
:next_token
|
1053
|
-
:filter)
|
1063
|
+
:next_token)
|
1054
1064
|
SENSITIVE = []
|
1055
1065
|
include Aws::Structure
|
1056
1066
|
end
|
@@ -1073,21 +1083,17 @@ module Aws::SSOAdmin
|
|
1073
1083
|
include Aws::Structure
|
1074
1084
|
end
|
1075
1085
|
|
1086
|
+
# @!attribute [rw] account_id
|
1087
|
+
# The identifier of the Amazon Web Services account from which to list
|
1088
|
+
# the assignments.
|
1089
|
+
# @return [String]
|
1090
|
+
#
|
1076
1091
|
# @!attribute [rw] instance_arn
|
1077
1092
|
# The ARN of the IAM Identity Center instance under which the
|
1078
1093
|
# operation will be executed. For more information about ARNs, see
|
1079
|
-
# [Amazon Resource Names (ARNs) and
|
1094
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1080
1095
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1081
|
-
# *
|
1082
|
-
# @return [String]
|
1083
|
-
#
|
1084
|
-
# @!attribute [rw] account_id
|
1085
|
-
# The identifier of the AWS account from which to list the
|
1086
|
-
# assignments.
|
1087
|
-
# @return [String]
|
1088
|
-
#
|
1089
|
-
# @!attribute [rw] permission_set_arn
|
1090
|
-
# The ARN of the permission set from which to list assignments.
|
1096
|
+
# *Amazon Web Services General Reference*.
|
1091
1097
|
# @return [String]
|
1092
1098
|
#
|
1093
1099
|
# @!attribute [rw] max_results
|
@@ -1099,21 +1105,25 @@ module Aws::SSOAdmin
|
|
1099
1105
|
# Use the output of previous API calls to make subsequent calls.
|
1100
1106
|
# @return [String]
|
1101
1107
|
#
|
1108
|
+
# @!attribute [rw] permission_set_arn
|
1109
|
+
# The ARN of the permission set from which to list assignments.
|
1110
|
+
# @return [String]
|
1111
|
+
#
|
1102
1112
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentsRequest AWS API Documentation
|
1103
1113
|
#
|
1104
1114
|
class ListAccountAssignmentsRequest < Struct.new(
|
1105
|
-
:instance_arn,
|
1106
1115
|
:account_id,
|
1107
|
-
:
|
1116
|
+
:instance_arn,
|
1108
1117
|
:max_results,
|
1109
|
-
:next_token
|
1118
|
+
:next_token,
|
1119
|
+
:permission_set_arn)
|
1110
1120
|
SENSITIVE = []
|
1111
1121
|
include Aws::Structure
|
1112
1122
|
end
|
1113
1123
|
|
1114
1124
|
# @!attribute [rw] account_assignments
|
1115
|
-
# The list of assignments that match the input
|
1116
|
-
# permission set.
|
1125
|
+
# The list of assignments that match the input Amazon Web Services
|
1126
|
+
# account and permission set.
|
1117
1127
|
# @return [Array<Types::AccountAssignment>]
|
1118
1128
|
#
|
1119
1129
|
# @!attribute [rw] next_token
|
@@ -1133,18 +1143,9 @@ module Aws::SSOAdmin
|
|
1133
1143
|
# @!attribute [rw] instance_arn
|
1134
1144
|
# The ARN of the IAM Identity Center instance under which the
|
1135
1145
|
# operation will be executed. For more information about ARNs, see
|
1136
|
-
# [Amazon Resource Names (ARNs) and
|
1146
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1137
1147
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1138
|
-
# *
|
1139
|
-
# @return [String]
|
1140
|
-
#
|
1141
|
-
# @!attribute [rw] permission_set_arn
|
1142
|
-
# The ARN of the PermissionSet from which the associated AWS accounts
|
1143
|
-
# will be listed.
|
1144
|
-
# @return [String]
|
1145
|
-
#
|
1146
|
-
# @!attribute [rw] provisioning_status
|
1147
|
-
# The permission set provisioning status for an AWS account.
|
1148
|
+
# *Amazon Web Services General Reference*.
|
1148
1149
|
# @return [String]
|
1149
1150
|
#
|
1150
1151
|
# @!attribute [rw] max_results
|
@@ -1156,20 +1157,30 @@ module Aws::SSOAdmin
|
|
1156
1157
|
# Use the output of previous API calls to make subsequent calls.
|
1157
1158
|
# @return [String]
|
1158
1159
|
#
|
1160
|
+
# @!attribute [rw] permission_set_arn
|
1161
|
+
# The ARN of the PermissionSet from which the associated Amazon Web
|
1162
|
+
# Services accounts will be listed.
|
1163
|
+
# @return [String]
|
1164
|
+
#
|
1165
|
+
# @!attribute [rw] provisioning_status
|
1166
|
+
# The permission set provisioning status for an Amazon Web Services
|
1167
|
+
# account.
|
1168
|
+
# @return [String]
|
1169
|
+
#
|
1159
1170
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountsForProvisionedPermissionSetRequest AWS API Documentation
|
1160
1171
|
#
|
1161
1172
|
class ListAccountsForProvisionedPermissionSetRequest < Struct.new(
|
1162
1173
|
:instance_arn,
|
1163
|
-
:permission_set_arn,
|
1164
|
-
:provisioning_status,
|
1165
1174
|
:max_results,
|
1166
|
-
:next_token
|
1175
|
+
:next_token,
|
1176
|
+
:permission_set_arn,
|
1177
|
+
:provisioning_status)
|
1167
1178
|
SENSITIVE = []
|
1168
1179
|
include Aws::Structure
|
1169
1180
|
end
|
1170
1181
|
|
1171
1182
|
# @!attribute [rw] account_ids
|
1172
|
-
# The list of
|
1183
|
+
# The list of Amazon Web Services `AccountIds`.
|
1173
1184
|
# @return [Array<String>]
|
1174
1185
|
#
|
1175
1186
|
# @!attribute [rw] next_token
|
@@ -1191,10 +1202,6 @@ module Aws::SSOAdmin
|
|
1191
1202
|
# operation will be executed.
|
1192
1203
|
# @return [String]
|
1193
1204
|
#
|
1194
|
-
# @!attribute [rw] permission_set_arn
|
1195
|
-
# The ARN of the `PermissionSet`.
|
1196
|
-
# @return [String]
|
1197
|
-
#
|
1198
1205
|
# @!attribute [rw] max_results
|
1199
1206
|
# The maximum number of results to display for the list call.
|
1200
1207
|
# @return [Integer]
|
@@ -1204,13 +1211,17 @@ module Aws::SSOAdmin
|
|
1204
1211
|
# Use the output of previous API calls to make subsequent calls.
|
1205
1212
|
# @return [String]
|
1206
1213
|
#
|
1214
|
+
# @!attribute [rw] permission_set_arn
|
1215
|
+
# The ARN of the `PermissionSet`.
|
1216
|
+
# @return [String]
|
1217
|
+
#
|
1207
1218
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListCustomerManagedPolicyReferencesInPermissionSetRequest AWS API Documentation
|
1208
1219
|
#
|
1209
1220
|
class ListCustomerManagedPolicyReferencesInPermissionSetRequest < Struct.new(
|
1210
1221
|
:instance_arn,
|
1211
|
-
:permission_set_arn,
|
1212
1222
|
:max_results,
|
1213
|
-
:next_token
|
1223
|
+
:next_token,
|
1224
|
+
:permission_set_arn)
|
1214
1225
|
SENSITIVE = []
|
1215
1226
|
include Aws::Structure
|
1216
1227
|
end
|
@@ -1274,13 +1285,9 @@ module Aws::SSOAdmin
|
|
1274
1285
|
# @!attribute [rw] instance_arn
|
1275
1286
|
# The ARN of the IAM Identity Center instance under which the
|
1276
1287
|
# operation will be executed. For more information about ARNs, see
|
1277
|
-
# [Amazon Resource Names (ARNs) and
|
1288
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1278
1289
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1279
|
-
# *
|
1280
|
-
# @return [String]
|
1281
|
-
#
|
1282
|
-
# @!attribute [rw] permission_set_arn
|
1283
|
-
# The ARN of the PermissionSet whose managed policies will be listed.
|
1290
|
+
# *Amazon Web Services General Reference*.
|
1284
1291
|
# @return [String]
|
1285
1292
|
#
|
1286
1293
|
# @!attribute [rw] max_results
|
@@ -1292,13 +1299,17 @@ module Aws::SSOAdmin
|
|
1292
1299
|
# Use the output of previous API calls to make subsequent calls.
|
1293
1300
|
# @return [String]
|
1294
1301
|
#
|
1302
|
+
# @!attribute [rw] permission_set_arn
|
1303
|
+
# The ARN of the PermissionSet whose managed policies will be listed.
|
1304
|
+
# @return [String]
|
1305
|
+
#
|
1295
1306
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListManagedPoliciesInPermissionSetRequest AWS API Documentation
|
1296
1307
|
#
|
1297
1308
|
class ListManagedPoliciesInPermissionSetRequest < Struct.new(
|
1298
1309
|
:instance_arn,
|
1299
|
-
:permission_set_arn,
|
1300
1310
|
:max_results,
|
1301
|
-
:next_token
|
1311
|
+
:next_token,
|
1312
|
+
:permission_set_arn)
|
1302
1313
|
SENSITIVE = []
|
1303
1314
|
include Aws::Structure
|
1304
1315
|
end
|
@@ -1321,12 +1332,16 @@ module Aws::SSOAdmin
|
|
1321
1332
|
include Aws::Structure
|
1322
1333
|
end
|
1323
1334
|
|
1335
|
+
# @!attribute [rw] filter
|
1336
|
+
# Filters results based on the passed attribute value.
|
1337
|
+
# @return [Types::OperationStatusFilter]
|
1338
|
+
#
|
1324
1339
|
# @!attribute [rw] instance_arn
|
1325
1340
|
# The ARN of the IAM Identity Center instance under which the
|
1326
1341
|
# operation will be executed. For more information about ARNs, see
|
1327
|
-
# [Amazon Resource Names (ARNs) and
|
1342
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1328
1343
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1329
|
-
# *
|
1344
|
+
# *Amazon Web Services General Reference*.
|
1330
1345
|
# @return [String]
|
1331
1346
|
#
|
1332
1347
|
# @!attribute [rw] max_results
|
@@ -1338,54 +1353,46 @@ module Aws::SSOAdmin
|
|
1338
1353
|
# Use the output of previous API calls to make subsequent calls.
|
1339
1354
|
# @return [String]
|
1340
1355
|
#
|
1341
|
-
# @!attribute [rw] filter
|
1342
|
-
# Filters results based on the passed attribute value.
|
1343
|
-
# @return [Types::OperationStatusFilter]
|
1344
|
-
#
|
1345
1356
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetProvisioningStatusRequest AWS API Documentation
|
1346
1357
|
#
|
1347
1358
|
class ListPermissionSetProvisioningStatusRequest < Struct.new(
|
1359
|
+
:filter,
|
1348
1360
|
:instance_arn,
|
1349
1361
|
:max_results,
|
1350
|
-
:next_token
|
1351
|
-
:filter)
|
1362
|
+
:next_token)
|
1352
1363
|
SENSITIVE = []
|
1353
1364
|
include Aws::Structure
|
1354
1365
|
end
|
1355
1366
|
|
1356
|
-
# @!attribute [rw] permission_sets_provisioning_status
|
1357
|
-
# The status object for the permission set provisioning operation.
|
1358
|
-
# @return [Array<Types::PermissionSetProvisioningStatusMetadata>]
|
1359
|
-
#
|
1360
1367
|
# @!attribute [rw] next_token
|
1361
1368
|
# The pagination token for the list API. Initially the value is null.
|
1362
1369
|
# Use the output of previous API calls to make subsequent calls.
|
1363
1370
|
# @return [String]
|
1364
1371
|
#
|
1372
|
+
# @!attribute [rw] permission_sets_provisioning_status
|
1373
|
+
# The status object for the permission set provisioning operation.
|
1374
|
+
# @return [Array<Types::PermissionSetProvisioningStatusMetadata>]
|
1375
|
+
#
|
1365
1376
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetProvisioningStatusResponse AWS API Documentation
|
1366
1377
|
#
|
1367
1378
|
class ListPermissionSetProvisioningStatusResponse < Struct.new(
|
1368
|
-
:
|
1369
|
-
:
|
1379
|
+
:next_token,
|
1380
|
+
:permission_sets_provisioning_status)
|
1370
1381
|
SENSITIVE = []
|
1371
1382
|
include Aws::Structure
|
1372
1383
|
end
|
1373
1384
|
|
1385
|
+
# @!attribute [rw] account_id
|
1386
|
+
# The identifier of the Amazon Web Services account from which to list
|
1387
|
+
# the assignments.
|
1388
|
+
# @return [String]
|
1389
|
+
#
|
1374
1390
|
# @!attribute [rw] instance_arn
|
1375
1391
|
# The ARN of the IAM Identity Center instance under which the
|
1376
1392
|
# operation will be executed. For more information about ARNs, see
|
1377
|
-
# [Amazon Resource Names (ARNs) and
|
1393
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1378
1394
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1379
|
-
# *
|
1380
|
-
# @return [String]
|
1381
|
-
#
|
1382
|
-
# @!attribute [rw] account_id
|
1383
|
-
# The identifier of the AWS account from which to list the
|
1384
|
-
# assignments.
|
1385
|
-
# @return [String]
|
1386
|
-
#
|
1387
|
-
# @!attribute [rw] provisioning_status
|
1388
|
-
# The status object for the permission set provisioning operation.
|
1395
|
+
# *Amazon Web Services General Reference*.
|
1389
1396
|
# @return [String]
|
1390
1397
|
#
|
1391
1398
|
# @!attribute [rw] max_results
|
@@ -1397,14 +1404,18 @@ module Aws::SSOAdmin
|
|
1397
1404
|
# Use the output of previous API calls to make subsequent calls.
|
1398
1405
|
# @return [String]
|
1399
1406
|
#
|
1407
|
+
# @!attribute [rw] provisioning_status
|
1408
|
+
# The status object for the permission set provisioning operation.
|
1409
|
+
# @return [String]
|
1410
|
+
#
|
1400
1411
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsProvisionedToAccountRequest AWS API Documentation
|
1401
1412
|
#
|
1402
1413
|
class ListPermissionSetsProvisionedToAccountRequest < Struct.new(
|
1403
|
-
:instance_arn,
|
1404
1414
|
:account_id,
|
1405
|
-
:
|
1415
|
+
:instance_arn,
|
1406
1416
|
:max_results,
|
1407
|
-
:next_token
|
1417
|
+
:next_token,
|
1418
|
+
:provisioning_status)
|
1408
1419
|
SENSITIVE = []
|
1409
1420
|
include Aws::Structure
|
1410
1421
|
end
|
@@ -1415,7 +1426,7 @@ module Aws::SSOAdmin
|
|
1415
1426
|
# @return [String]
|
1416
1427
|
#
|
1417
1428
|
# @!attribute [rw] permission_sets
|
1418
|
-
# Defines the level of access that an
|
1429
|
+
# Defines the level of access that an Amazon Web Services account has.
|
1419
1430
|
# @return [Array<String>]
|
1420
1431
|
#
|
1421
1432
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsProvisionedToAccountResponse AWS API Documentation
|
@@ -1430,44 +1441,44 @@ module Aws::SSOAdmin
|
|
1430
1441
|
# @!attribute [rw] instance_arn
|
1431
1442
|
# The ARN of the IAM Identity Center instance under which the
|
1432
1443
|
# operation will be executed. For more information about ARNs, see
|
1433
|
-
# [Amazon Resource Names (ARNs) and
|
1444
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1434
1445
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1435
|
-
# *
|
1446
|
+
# *Amazon Web Services General Reference*.
|
1436
1447
|
# @return [String]
|
1437
1448
|
#
|
1449
|
+
# @!attribute [rw] max_results
|
1450
|
+
# The maximum number of results to display for the assignment.
|
1451
|
+
# @return [Integer]
|
1452
|
+
#
|
1438
1453
|
# @!attribute [rw] next_token
|
1439
1454
|
# The pagination token for the list API. Initially the value is null.
|
1440
1455
|
# Use the output of previous API calls to make subsequent calls.
|
1441
1456
|
# @return [String]
|
1442
1457
|
#
|
1443
|
-
# @!attribute [rw] max_results
|
1444
|
-
# The maximum number of results to display for the assignment.
|
1445
|
-
# @return [Integer]
|
1446
|
-
#
|
1447
1458
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsRequest AWS API Documentation
|
1448
1459
|
#
|
1449
1460
|
class ListPermissionSetsRequest < Struct.new(
|
1450
1461
|
:instance_arn,
|
1451
|
-
:
|
1452
|
-
:
|
1462
|
+
:max_results,
|
1463
|
+
:next_token)
|
1453
1464
|
SENSITIVE = []
|
1454
1465
|
include Aws::Structure
|
1455
1466
|
end
|
1456
1467
|
|
1457
|
-
# @!attribute [rw] permission_sets
|
1458
|
-
# Defines the level of access on an AWS account.
|
1459
|
-
# @return [Array<String>]
|
1460
|
-
#
|
1461
1468
|
# @!attribute [rw] next_token
|
1462
1469
|
# The pagination token for the list API. Initially the value is null.
|
1463
1470
|
# Use the output of previous API calls to make subsequent calls.
|
1464
1471
|
# @return [String]
|
1465
1472
|
#
|
1473
|
+
# @!attribute [rw] permission_sets
|
1474
|
+
# Defines the level of access on an Amazon Web Services account.
|
1475
|
+
# @return [Array<String>]
|
1476
|
+
#
|
1466
1477
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsResponse AWS API Documentation
|
1467
1478
|
#
|
1468
1479
|
class ListPermissionSetsResponse < Struct.new(
|
1469
|
-
:
|
1470
|
-
:
|
1480
|
+
:next_token,
|
1481
|
+
:permission_sets)
|
1471
1482
|
SENSITIVE = []
|
1472
1483
|
include Aws::Structure
|
1473
1484
|
end
|
@@ -1475,13 +1486,9 @@ module Aws::SSOAdmin
|
|
1475
1486
|
# @!attribute [rw] instance_arn
|
1476
1487
|
# The ARN of the IAM Identity Center instance under which the
|
1477
1488
|
# operation will be executed. For more information about ARNs, see
|
1478
|
-
# [Amazon Resource Names (ARNs) and
|
1489
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1479
1490
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1480
|
-
# *
|
1481
|
-
# @return [String]
|
1482
|
-
#
|
1483
|
-
# @!attribute [rw] resource_arn
|
1484
|
-
# The ARN of the resource with the tags to be listed.
|
1491
|
+
# *Amazon Web Services General Reference*.
|
1485
1492
|
# @return [String]
|
1486
1493
|
#
|
1487
1494
|
# @!attribute [rw] next_token
|
@@ -1489,30 +1496,34 @@ module Aws::SSOAdmin
|
|
1489
1496
|
# Use the output of previous API calls to make subsequent calls.
|
1490
1497
|
# @return [String]
|
1491
1498
|
#
|
1499
|
+
# @!attribute [rw] resource_arn
|
1500
|
+
# The ARN of the resource with the tags to be listed.
|
1501
|
+
# @return [String]
|
1502
|
+
#
|
1492
1503
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListTagsForResourceRequest AWS API Documentation
|
1493
1504
|
#
|
1494
1505
|
class ListTagsForResourceRequest < Struct.new(
|
1495
1506
|
:instance_arn,
|
1496
|
-
:
|
1497
|
-
:
|
1507
|
+
:next_token,
|
1508
|
+
:resource_arn)
|
1498
1509
|
SENSITIVE = []
|
1499
1510
|
include Aws::Structure
|
1500
1511
|
end
|
1501
1512
|
|
1502
|
-
# @!attribute [rw] tags
|
1503
|
-
# A set of key-value pairs that are used to manage the resource.
|
1504
|
-
# @return [Array<Types::Tag>]
|
1505
|
-
#
|
1506
1513
|
# @!attribute [rw] next_token
|
1507
1514
|
# The pagination token for the list API. Initially the value is null.
|
1508
1515
|
# Use the output of previous API calls to make subsequent calls.
|
1509
1516
|
# @return [String]
|
1510
1517
|
#
|
1518
|
+
# @!attribute [rw] tags
|
1519
|
+
# A set of key-value pairs that are used to manage the resource.
|
1520
|
+
# @return [Array<Types::Tag>]
|
1521
|
+
#
|
1511
1522
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListTagsForResourceResponse AWS API Documentation
|
1512
1523
|
#
|
1513
1524
|
class ListTagsForResourceResponse < Struct.new(
|
1514
|
-
:
|
1515
|
-
:
|
1525
|
+
:next_token,
|
1526
|
+
:tags)
|
1516
1527
|
SENSITIVE = []
|
1517
1528
|
include Aws::Structure
|
1518
1529
|
end
|
@@ -1533,44 +1544,44 @@ module Aws::SSOAdmin
|
|
1533
1544
|
|
1534
1545
|
# An entity that contains IAM policies.
|
1535
1546
|
#
|
1547
|
+
# @!attribute [rw] created_date
|
1548
|
+
# The date that the permission set was created.
|
1549
|
+
# @return [Time]
|
1550
|
+
#
|
1551
|
+
# @!attribute [rw] description
|
1552
|
+
# The description of the PermissionSet.
|
1553
|
+
# @return [String]
|
1554
|
+
#
|
1536
1555
|
# @!attribute [rw] name
|
1537
1556
|
# The name of the permission set.
|
1538
1557
|
# @return [String]
|
1539
1558
|
#
|
1540
1559
|
# @!attribute [rw] permission_set_arn
|
1541
1560
|
# The ARN of the permission set. For more information about ARNs, see
|
1542
|
-
# [Amazon Resource Names (ARNs) and
|
1561
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1543
1562
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1544
|
-
# *
|
1563
|
+
# *Amazon Web Services General Reference*.
|
1545
1564
|
# @return [String]
|
1546
1565
|
#
|
1547
|
-
# @!attribute [rw]
|
1548
|
-
#
|
1566
|
+
# @!attribute [rw] relay_state
|
1567
|
+
# Used to redirect users within the application during the federation
|
1568
|
+
# authentication process.
|
1549
1569
|
# @return [String]
|
1550
1570
|
#
|
1551
|
-
# @!attribute [rw] created_date
|
1552
|
-
# The date that the permission set was created.
|
1553
|
-
# @return [Time]
|
1554
|
-
#
|
1555
1571
|
# @!attribute [rw] session_duration
|
1556
1572
|
# The length of time that the application user sessions are valid for
|
1557
1573
|
# in the ISO-8601 standard.
|
1558
1574
|
# @return [String]
|
1559
1575
|
#
|
1560
|
-
# @!attribute [rw] relay_state
|
1561
|
-
# Used to redirect users within the application during the federation
|
1562
|
-
# authentication process.
|
1563
|
-
# @return [String]
|
1564
|
-
#
|
1565
1576
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionSet AWS API Documentation
|
1566
1577
|
#
|
1567
1578
|
class PermissionSet < Struct.new(
|
1579
|
+
:created_date,
|
1580
|
+
:description,
|
1568
1581
|
:name,
|
1569
1582
|
:permission_set_arn,
|
1570
|
-
:
|
1571
|
-
:
|
1572
|
-
:session_duration,
|
1573
|
-
:relay_state)
|
1583
|
+
:relay_state,
|
1584
|
+
:session_duration)
|
1574
1585
|
SENSITIVE = []
|
1575
1586
|
include Aws::Structure
|
1576
1587
|
end
|
@@ -1578,82 +1589,83 @@ module Aws::SSOAdmin
|
|
1578
1589
|
# A structure that is used to provide the status of the provisioning
|
1579
1590
|
# operation for a specified permission set.
|
1580
1591
|
#
|
1581
|
-
# @!attribute [rw]
|
1582
|
-
# The
|
1592
|
+
# @!attribute [rw] account_id
|
1593
|
+
# The identifier of the Amazon Web Services account from which to list
|
1594
|
+
# the assignments.
|
1583
1595
|
# @return [String]
|
1584
1596
|
#
|
1585
|
-
# @!attribute [rw]
|
1586
|
-
# The
|
1587
|
-
#
|
1588
|
-
# @return [String]
|
1597
|
+
# @!attribute [rw] created_date
|
1598
|
+
# The date that the permission set was created.
|
1599
|
+
# @return [Time]
|
1589
1600
|
#
|
1590
|
-
# @!attribute [rw]
|
1591
|
-
# The
|
1592
|
-
#
|
1601
|
+
# @!attribute [rw] failure_reason
|
1602
|
+
# The message that contains an error or exception in case of an
|
1603
|
+
# operation failure.
|
1593
1604
|
# @return [String]
|
1594
1605
|
#
|
1595
1606
|
# @!attribute [rw] permission_set_arn
|
1596
1607
|
# The ARN of the permission set that is being provisioned. For more
|
1597
|
-
# information about ARNs, see [Amazon Resource Names (ARNs) and
|
1598
|
-
# Service
|
1599
|
-
# in the
|
1608
|
+
# information about ARNs, see [Amazon Resource Names (ARNs) and Amazon
|
1609
|
+
# Web Services Service
|
1610
|
+
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1611
|
+
# *Amazon Web Services General Reference*.
|
1600
1612
|
# @return [String]
|
1601
1613
|
#
|
1602
|
-
# @!attribute [rw]
|
1603
|
-
# The
|
1604
|
-
#
|
1614
|
+
# @!attribute [rw] request_id
|
1615
|
+
# The identifier for tracking the request operation that is generated
|
1616
|
+
# by the universally unique identifier (UUID) workflow.
|
1605
1617
|
# @return [String]
|
1606
1618
|
#
|
1607
|
-
# @!attribute [rw]
|
1608
|
-
# The
|
1609
|
-
# @return [
|
1619
|
+
# @!attribute [rw] status
|
1620
|
+
# The status of the permission set provisioning process.
|
1621
|
+
# @return [String]
|
1610
1622
|
#
|
1611
1623
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionSetProvisioningStatus AWS API Documentation
|
1612
1624
|
#
|
1613
1625
|
class PermissionSetProvisioningStatus < Struct.new(
|
1614
|
-
:status,
|
1615
|
-
:request_id,
|
1616
1626
|
:account_id,
|
1617
|
-
:
|
1627
|
+
:created_date,
|
1618
1628
|
:failure_reason,
|
1619
|
-
:
|
1629
|
+
:permission_set_arn,
|
1630
|
+
:request_id,
|
1631
|
+
:status)
|
1620
1632
|
SENSITIVE = []
|
1621
1633
|
include Aws::Structure
|
1622
1634
|
end
|
1623
1635
|
|
1624
1636
|
# Provides information about the permission set provisioning status.
|
1625
1637
|
#
|
1626
|
-
# @!attribute [rw]
|
1627
|
-
# The
|
1628
|
-
# @return [
|
1638
|
+
# @!attribute [rw] created_date
|
1639
|
+
# The date that the permission set was created.
|
1640
|
+
# @return [Time]
|
1629
1641
|
#
|
1630
1642
|
# @!attribute [rw] request_id
|
1631
1643
|
# The identifier for tracking the request operation that is generated
|
1632
1644
|
# by the universally unique identifier (UUID) workflow.
|
1633
1645
|
# @return [String]
|
1634
1646
|
#
|
1635
|
-
# @!attribute [rw]
|
1636
|
-
# The
|
1637
|
-
# @return [
|
1647
|
+
# @!attribute [rw] status
|
1648
|
+
# The status of the permission set provisioning process.
|
1649
|
+
# @return [String]
|
1638
1650
|
#
|
1639
1651
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionSetProvisioningStatusMetadata AWS API Documentation
|
1640
1652
|
#
|
1641
1653
|
class PermissionSetProvisioningStatusMetadata < Struct.new(
|
1642
|
-
:
|
1654
|
+
:created_date,
|
1643
1655
|
:request_id,
|
1644
|
-
:
|
1656
|
+
:status)
|
1645
1657
|
SENSITIVE = []
|
1646
1658
|
include Aws::Structure
|
1647
1659
|
end
|
1648
1660
|
|
1649
|
-
# Specifies the configuration of the
|
1650
|
-
# policy that you want to set as a permissions
|
1651
|
-
# `CustomerManagedPolicyReference` to use the
|
1652
|
-
# customer managed policy, or `ManagedPolicyArn` to
|
1653
|
-
#
|
1654
|
-
# permissions that any policy can grant
|
1655
|
-
# see [Permissions boundaries for IAM
|
1656
|
-
# Guide*.
|
1661
|
+
# Specifies the configuration of the Amazon Web Services managed or
|
1662
|
+
# customer managed policy that you want to set as a permissions
|
1663
|
+
# boundary. Specify either `CustomerManagedPolicyReference` to use the
|
1664
|
+
# name and path of a customer managed policy, or `ManagedPolicyArn` to
|
1665
|
+
# use the ARN of an Amazon Web Services managed policy. A permissions
|
1666
|
+
# boundary represents the maximum permissions that any policy can grant
|
1667
|
+
# your role. For more information, see [Permissions boundaries for IAM
|
1668
|
+
# entities][1] in the *IAM User Guide*.
|
1657
1669
|
#
|
1658
1670
|
# Policies used as permissions boundaries don't provide permissions.
|
1659
1671
|
# You must also attach an IAM policy to the role. To learn how the
|
@@ -1667,13 +1679,13 @@ module Aws::SSOAdmin
|
|
1667
1679
|
#
|
1668
1680
|
# @!attribute [rw] customer_managed_policy_reference
|
1669
1681
|
# Specifies the name and path of a customer managed policy. You must
|
1670
|
-
# have an IAM policy that matches the name and path in each
|
1671
|
-
# account where you want to deploy your permission set.
|
1682
|
+
# have an IAM policy that matches the name and path in each Amazon Web
|
1683
|
+
# Services account where you want to deploy your permission set.
|
1672
1684
|
# @return [Types::CustomerManagedPolicyReference]
|
1673
1685
|
#
|
1674
1686
|
# @!attribute [rw] managed_policy_arn
|
1675
|
-
# The
|
1676
|
-
# set as a permissions boundary.
|
1687
|
+
# The Amazon Web Services managed policy ARN that you want to attach
|
1688
|
+
# to a permission set as a permissions boundary.
|
1677
1689
|
# @return [String]
|
1678
1690
|
#
|
1679
1691
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionsBoundary AWS API Documentation
|
@@ -1688,9 +1700,9 @@ module Aws::SSOAdmin
|
|
1688
1700
|
# @!attribute [rw] instance_arn
|
1689
1701
|
# The ARN of the IAM Identity Center instance under which the
|
1690
1702
|
# operation will be executed. For more information about ARNs, see
|
1691
|
-
# [Amazon Resource Names (ARNs) and
|
1703
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1692
1704
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1693
|
-
# *
|
1705
|
+
# *Amazon Web Services General Reference*.
|
1694
1706
|
# @return [String]
|
1695
1707
|
#
|
1696
1708
|
# @!attribute [rw] permission_set_arn
|
@@ -1698,8 +1710,8 @@ module Aws::SSOAdmin
|
|
1698
1710
|
# @return [String]
|
1699
1711
|
#
|
1700
1712
|
# @!attribute [rw] target_id
|
1701
|
-
# TargetID is an
|
1702
|
-
#
|
1713
|
+
# TargetID is an Amazon Web Services account identifier, (For example,
|
1714
|
+
# 123456789012).
|
1703
1715
|
# @return [String]
|
1704
1716
|
#
|
1705
1717
|
# @!attribute [rw] target_type
|
@@ -1729,28 +1741,28 @@ module Aws::SSOAdmin
|
|
1729
1741
|
include Aws::Structure
|
1730
1742
|
end
|
1731
1743
|
|
1744
|
+
# @!attribute [rw] inline_policy
|
1745
|
+
# The inline policy to attach to a PermissionSet.
|
1746
|
+
# @return [String]
|
1747
|
+
#
|
1732
1748
|
# @!attribute [rw] instance_arn
|
1733
1749
|
# The ARN of the IAM Identity Center instance under which the
|
1734
1750
|
# operation will be executed. For more information about ARNs, see
|
1735
|
-
# [Amazon Resource Names (ARNs) and
|
1751
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1736
1752
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1737
|
-
# *
|
1753
|
+
# *Amazon Web Services General Reference*.
|
1738
1754
|
# @return [String]
|
1739
1755
|
#
|
1740
1756
|
# @!attribute [rw] permission_set_arn
|
1741
1757
|
# The ARN of the permission set.
|
1742
1758
|
# @return [String]
|
1743
1759
|
#
|
1744
|
-
# @!attribute [rw] inline_policy
|
1745
|
-
# The inline policy to attach to a PermissionSet.
|
1746
|
-
# @return [String]
|
1747
|
-
#
|
1748
1760
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutInlinePolicyToPermissionSetRequest AWS API Documentation
|
1749
1761
|
#
|
1750
1762
|
class PutInlinePolicyToPermissionSetRequest < Struct.new(
|
1763
|
+
:inline_policy,
|
1751
1764
|
:instance_arn,
|
1752
|
-
:permission_set_arn
|
1753
|
-
:inline_policy)
|
1765
|
+
:permission_set_arn)
|
1754
1766
|
SENSITIVE = []
|
1755
1767
|
include Aws::Structure
|
1756
1768
|
end
|
@@ -1816,7 +1828,8 @@ module Aws::SSOAdmin
|
|
1816
1828
|
|
1817
1829
|
# A set of key-value pairs that are used to manage the resource. Tags
|
1818
1830
|
# can only be applied to permission sets and cannot be applied to
|
1819
|
-
# corresponding roles that IAM Identity Center creates in
|
1831
|
+
# corresponding roles that IAM Identity Center creates in Amazon Web
|
1832
|
+
# Services accounts.
|
1820
1833
|
#
|
1821
1834
|
# @!attribute [rw] key
|
1822
1835
|
# The key for the tag.
|
@@ -1838,9 +1851,9 @@ module Aws::SSOAdmin
|
|
1838
1851
|
# @!attribute [rw] instance_arn
|
1839
1852
|
# The ARN of the IAM Identity Center instance under which the
|
1840
1853
|
# operation will be executed. For more information about ARNs, see
|
1841
|
-
# [Amazon Resource Names (ARNs) and
|
1854
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1842
1855
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1843
|
-
# *
|
1856
|
+
# *Amazon Web Services General Reference*.
|
1844
1857
|
# @return [String]
|
1845
1858
|
#
|
1846
1859
|
# @!attribute [rw] resource_arn
|
@@ -1882,9 +1895,9 @@ module Aws::SSOAdmin
|
|
1882
1895
|
# @!attribute [rw] instance_arn
|
1883
1896
|
# The ARN of the IAM Identity Center instance under which the
|
1884
1897
|
# operation will be executed. For more information about ARNs, see
|
1885
|
-
# [Amazon Resource Names (ARNs) and
|
1898
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1886
1899
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1887
|
-
# *
|
1900
|
+
# *Amazon Web Services General Reference*.
|
1888
1901
|
# @return [String]
|
1889
1902
|
#
|
1890
1903
|
# @!attribute [rw] resource_arn
|
@@ -1909,20 +1922,20 @@ module Aws::SSOAdmin
|
|
1909
1922
|
#
|
1910
1923
|
class UntagResourceResponse < Aws::EmptyStructure; end
|
1911
1924
|
|
1925
|
+
# @!attribute [rw] instance_access_control_attribute_configuration
|
1926
|
+
# Updates the attributes for your ABAC configuration.
|
1927
|
+
# @return [Types::InstanceAccessControlAttributeConfiguration]
|
1928
|
+
#
|
1912
1929
|
# @!attribute [rw] instance_arn
|
1913
1930
|
# The ARN of the IAM Identity Center instance under which the
|
1914
1931
|
# operation will be executed.
|
1915
1932
|
# @return [String]
|
1916
1933
|
#
|
1917
|
-
# @!attribute [rw] instance_access_control_attribute_configuration
|
1918
|
-
# Updates the attributes for your ABAC configuration.
|
1919
|
-
# @return [Types::InstanceAccessControlAttributeConfiguration]
|
1920
|
-
#
|
1921
1934
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdateInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
|
1922
1935
|
#
|
1923
1936
|
class UpdateInstanceAccessControlAttributeConfigurationRequest < Struct.new(
|
1924
|
-
:
|
1925
|
-
:
|
1937
|
+
:instance_access_control_attribute_configuration,
|
1938
|
+
:instance_arn)
|
1926
1939
|
SENSITIVE = []
|
1927
1940
|
include Aws::Structure
|
1928
1941
|
end
|
@@ -1931,20 +1944,25 @@ module Aws::SSOAdmin
|
|
1931
1944
|
#
|
1932
1945
|
class UpdateInstanceAccessControlAttributeConfigurationResponse < Aws::EmptyStructure; end
|
1933
1946
|
|
1947
|
+
# @!attribute [rw] description
|
1948
|
+
# The description of the PermissionSet.
|
1949
|
+
# @return [String]
|
1950
|
+
#
|
1934
1951
|
# @!attribute [rw] instance_arn
|
1935
1952
|
# The ARN of the IAM Identity Center instance under which the
|
1936
1953
|
# operation will be executed. For more information about ARNs, see
|
1937
|
-
# [Amazon Resource Names (ARNs) and
|
1954
|
+
# [Amazon Resource Names (ARNs) and Amazon Web Services Service
|
1938
1955
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
1939
|
-
# *
|
1956
|
+
# *Amazon Web Services General Reference*.
|
1940
1957
|
# @return [String]
|
1941
1958
|
#
|
1942
1959
|
# @!attribute [rw] permission_set_arn
|
1943
1960
|
# The ARN of the permission set.
|
1944
1961
|
# @return [String]
|
1945
1962
|
#
|
1946
|
-
# @!attribute [rw]
|
1947
|
-
#
|
1963
|
+
# @!attribute [rw] relay_state
|
1964
|
+
# Used to redirect users within the application during the federation
|
1965
|
+
# authentication process.
|
1948
1966
|
# @return [String]
|
1949
1967
|
#
|
1950
1968
|
# @!attribute [rw] session_duration
|
@@ -1952,19 +1970,14 @@ module Aws::SSOAdmin
|
|
1952
1970
|
# in the ISO-8601 standard.
|
1953
1971
|
# @return [String]
|
1954
1972
|
#
|
1955
|
-
# @!attribute [rw] relay_state
|
1956
|
-
# Used to redirect users within the application during the federation
|
1957
|
-
# authentication process.
|
1958
|
-
# @return [String]
|
1959
|
-
#
|
1960
1973
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdatePermissionSetRequest AWS API Documentation
|
1961
1974
|
#
|
1962
1975
|
class UpdatePermissionSetRequest < Struct.new(
|
1976
|
+
:description,
|
1963
1977
|
:instance_arn,
|
1964
1978
|
:permission_set_arn,
|
1965
|
-
:
|
1966
|
-
:session_duration
|
1967
|
-
:relay_state)
|
1979
|
+
:relay_state,
|
1980
|
+
:session_duration)
|
1968
1981
|
SENSITIVE = []
|
1969
1982
|
include Aws::Structure
|
1970
1983
|
end
|