aws-sdk-ssoadmin 1.28.0 → 1.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -12,11 +12,11 @@ module Aws::SSOAdmin
12
12
 
13
13
  # These are IAM Identity Center identity store attributes that you can
14
14
  # configure for use in attributes-based access control (ABAC). You can
15
- # create permissions policies that determine who can access your AWS
16
- # resources based upon the configured attribute values. When you enable
17
- # ABAC and specify `AccessControlAttributes`, IAM Identity Center passes
18
- # the attribute values of the authenticated user into IAM for use in
19
- # policy evaluation.
15
+ # create permissions policies that determine who can access your Amazon
16
+ # Web Services resources based upon the configured attribute values.
17
+ # When you enable ABAC and specify `AccessControlAttributes`, IAM
18
+ # Identity Center passes the attribute values of the authenticated user
19
+ # into IAM for use in policy evaluation.
20
20
  #
21
21
  # @!attribute [rw] key
22
22
  # The name of the attribute associated with your identities in your
@@ -73,7 +73,7 @@ module Aws::SSOAdmin
73
73
  end
74
74
 
75
75
  # The assignment that indicates a principal's limited access to a
76
- # specified AWS account with a specified permission set.
76
+ # specified Amazon Web Services account with a specified permission set.
77
77
  #
78
78
  # <note markdown="1"> The term *principal* here refers to a user or group that is defined in
79
79
  # IAM Identity Center.
@@ -81,18 +81,14 @@ module Aws::SSOAdmin
81
81
  # </note>
82
82
  #
83
83
  # @!attribute [rw] account_id
84
- # The identifier of the AWS account.
84
+ # The identifier of the Amazon Web Services account.
85
85
  # @return [String]
86
86
  #
87
87
  # @!attribute [rw] permission_set_arn
88
88
  # The ARN of the permission set. For more information about ARNs, see
89
- # [Amazon Resource Names (ARNs) and AWS Service
89
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
90
90
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
91
- # *AWS General Reference*.
92
- # @return [String]
93
- #
94
- # @!attribute [rw] principal_type
95
- # The entity type for which the assignment will be created.
91
+ # *Amazon Web Services General Reference*.
96
92
  # @return [String]
97
93
  #
98
94
  # @!attribute [rw] principal_id
@@ -104,13 +100,17 @@ module Aws::SSOAdmin
104
100
  # Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
105
101
  # @return [String]
106
102
  #
103
+ # @!attribute [rw] principal_type
104
+ # The entity type for which the assignment will be created.
105
+ # @return [String]
106
+ #
107
107
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccountAssignment AWS API Documentation
108
108
  #
109
109
  class AccountAssignment < Struct.new(
110
110
  :account_id,
111
111
  :permission_set_arn,
112
- :principal_type,
113
- :principal_id)
112
+ :principal_id,
113
+ :principal_type)
114
114
  SENSITIVE = []
115
115
  include Aws::Structure
116
116
  end
@@ -118,38 +118,20 @@ module Aws::SSOAdmin
118
118
  # The status of the creation or deletion operation of an assignment that
119
119
  # a principal needs to access an account.
120
120
  #
121
- # @!attribute [rw] status
122
- # The status of the permission set provisioning process.
123
- # @return [String]
124
- #
125
- # @!attribute [rw] request_id
126
- # The identifier for tracking the request operation that is generated
127
- # by the universally unique identifier (UUID) workflow.
128
- # @return [String]
121
+ # @!attribute [rw] created_date
122
+ # The date that the permission set was created.
123
+ # @return [Time]
129
124
  #
130
125
  # @!attribute [rw] failure_reason
131
126
  # The message that contains an error or exception in case of an
132
127
  # operation failure.
133
128
  # @return [String]
134
129
  #
135
- # @!attribute [rw] target_id
136
- # TargetID is an AWS account identifier, typically a 10-12 digit
137
- # string (For example, 123456789012).
138
- # @return [String]
139
- #
140
- # @!attribute [rw] target_type
141
- # The entity type for which the assignment will be created.
142
- # @return [String]
143
- #
144
130
  # @!attribute [rw] permission_set_arn
145
131
  # The ARN of the permission set. For more information about ARNs, see
146
- # [Amazon Resource Names (ARNs) and AWS Service
132
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
147
133
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
148
- # *AWS General Reference*.
149
- # @return [String]
150
- #
151
- # @!attribute [rw] principal_type
152
- # The entity type for which the assignment will be created.
134
+ # *Amazon Web Services General Reference*.
153
135
  # @return [String]
154
136
  #
155
137
  # @!attribute [rw] principal_id
@@ -161,51 +143,75 @@ module Aws::SSOAdmin
161
143
  # Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
162
144
  # @return [String]
163
145
  #
164
- # @!attribute [rw] created_date
165
- # The date that the permission set was created.
166
- # @return [Time]
146
+ # @!attribute [rw] principal_type
147
+ # The entity type for which the assignment will be created.
148
+ # @return [String]
149
+ #
150
+ # @!attribute [rw] request_id
151
+ # The identifier for tracking the request operation that is generated
152
+ # by the universally unique identifier (UUID) workflow.
153
+ # @return [String]
154
+ #
155
+ # @!attribute [rw] status
156
+ # The status of the permission set provisioning process.
157
+ # @return [String]
158
+ #
159
+ # @!attribute [rw] target_id
160
+ # TargetID is an Amazon Web Services account identifier, (For example,
161
+ # 123456789012).
162
+ # @return [String]
163
+ #
164
+ # @!attribute [rw] target_type
165
+ # The entity type for which the assignment will be created.
166
+ # @return [String]
167
167
  #
168
168
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccountAssignmentOperationStatus AWS API Documentation
169
169
  #
170
170
  class AccountAssignmentOperationStatus < Struct.new(
171
- :status,
172
- :request_id,
171
+ :created_date,
173
172
  :failure_reason,
174
- :target_id,
175
- :target_type,
176
173
  :permission_set_arn,
177
- :principal_type,
178
174
  :principal_id,
179
- :created_date)
175
+ :principal_type,
176
+ :request_id,
177
+ :status,
178
+ :target_id,
179
+ :target_type)
180
180
  SENSITIVE = []
181
181
  include Aws::Structure
182
182
  end
183
183
 
184
184
  # Provides information about the AccountAssignment creation request.
185
185
  #
186
- # @!attribute [rw] status
187
- # The status of the permission set provisioning process.
188
- # @return [String]
186
+ # @!attribute [rw] created_date
187
+ # The date that the permission set was created.
188
+ # @return [Time]
189
189
  #
190
190
  # @!attribute [rw] request_id
191
191
  # The identifier for tracking the request operation that is generated
192
192
  # by the universally unique identifier (UUID) workflow.
193
193
  # @return [String]
194
194
  #
195
- # @!attribute [rw] created_date
196
- # The date that the permission set was created.
197
- # @return [Time]
195
+ # @!attribute [rw] status
196
+ # The status of the permission set provisioning process.
197
+ # @return [String]
198
198
  #
199
199
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccountAssignmentOperationStatusMetadata AWS API Documentation
200
200
  #
201
201
  class AccountAssignmentOperationStatusMetadata < Struct.new(
202
- :status,
202
+ :created_date,
203
203
  :request_id,
204
- :created_date)
204
+ :status)
205
205
  SENSITIVE = []
206
206
  include Aws::Structure
207
207
  end
208
208
 
209
+ # @!attribute [rw] customer_managed_policy_reference
210
+ # Specifies the name and path of a customer managed policy. You must
211
+ # have an IAM policy that matches the name and path in each Amazon Web
212
+ # Services account where you want to deploy your permission set.
213
+ # @return [Types::CustomerManagedPolicyReference]
214
+ #
209
215
  # @!attribute [rw] instance_arn
210
216
  # The ARN of the IAM Identity Center instance under which the
211
217
  # operation will be executed.
@@ -215,18 +221,12 @@ module Aws::SSOAdmin
215
221
  # The ARN of the `PermissionSet`.
216
222
  # @return [String]
217
223
  #
218
- # @!attribute [rw] customer_managed_policy_reference
219
- # Specifies the name and path of a customer managed policy. You must
220
- # have an IAM policy that matches the name and path in each AWS
221
- # account where you want to deploy your permission set.
222
- # @return [Types::CustomerManagedPolicyReference]
223
- #
224
224
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachCustomerManagedPolicyReferenceToPermissionSetRequest AWS API Documentation
225
225
  #
226
226
  class AttachCustomerManagedPolicyReferenceToPermissionSetRequest < Struct.new(
227
+ :customer_managed_policy_reference,
227
228
  :instance_arn,
228
- :permission_set_arn,
229
- :customer_managed_policy_reference)
229
+ :permission_set_arn)
230
230
  SENSITIVE = []
231
231
  include Aws::Structure
232
232
  end
@@ -238,9 +238,14 @@ module Aws::SSOAdmin
238
238
  # @!attribute [rw] instance_arn
239
239
  # The ARN of the IAM Identity Center instance under which the
240
240
  # operation will be executed. For more information about ARNs, see
241
- # [Amazon Resource Names (ARNs) and AWS Service
241
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
242
242
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
243
- # *AWS General Reference*.
243
+ # *Amazon Web Services General Reference*.
244
+ # @return [String]
245
+ #
246
+ # @!attribute [rw] managed_policy_arn
247
+ # The Amazon Web Services managed policy ARN to be attached to a
248
+ # permission set.
244
249
  # @return [String]
245
250
  #
246
251
  # @!attribute [rw] permission_set_arn
@@ -248,16 +253,12 @@ module Aws::SSOAdmin
248
253
  # attached to.
249
254
  # @return [String]
250
255
  #
251
- # @!attribute [rw] managed_policy_arn
252
- # The AWS managed policy ARN to be attached to a permission set.
253
- # @return [String]
254
- #
255
256
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachManagedPolicyToPermissionSetRequest AWS API Documentation
256
257
  #
257
258
  class AttachManagedPolicyToPermissionSetRequest < Struct.new(
258
259
  :instance_arn,
259
- :permission_set_arn,
260
- :managed_policy_arn)
260
+ :managed_policy_arn,
261
+ :permission_set_arn)
261
262
  SENSITIVE = []
262
263
  include Aws::Structure
263
264
  end
@@ -266,24 +267,26 @@ module Aws::SSOAdmin
266
267
  #
267
268
  class AttachManagedPolicyToPermissionSetResponse < Aws::EmptyStructure; end
268
269
 
269
- # A structure that stores the details of the AWS managed policy.
270
- #
271
- # @!attribute [rw] name
272
- # The name of the AWS managed policy.
273
- # @return [String]
270
+ # A structure that stores the details of the Amazon Web Services managed
271
+ # policy.
274
272
  #
275
273
  # @!attribute [rw] arn
276
- # The ARN of the AWS managed policy. For more information about ARNs,
277
- # see [Amazon Resource Names (ARNs) and AWS Service
274
+ # The ARN of the Amazon Web Services managed policy. For more
275
+ # information about ARNs, see [Amazon Resource Names (ARNs) and Amazon
276
+ # Web Services Service
278
277
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
279
- # *AWS General Reference*.
278
+ # *Amazon Web Services General Reference*.
279
+ # @return [String]
280
+ #
281
+ # @!attribute [rw] name
282
+ # The name of the Amazon Web Services managed policy.
280
283
  # @return [String]
281
284
  #
282
285
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachedManagedPolicy AWS API Documentation
283
286
  #
284
287
  class AttachedManagedPolicy < Struct.new(
285
- :name,
286
- :arn)
288
+ :arn,
289
+ :name)
287
290
  SENSITIVE = []
288
291
  include Aws::Structure
289
292
  end
@@ -308,18 +311,9 @@ module Aws::SSOAdmin
308
311
  # @!attribute [rw] instance_arn
309
312
  # The ARN of the IAM Identity Center instance under which the
310
313
  # operation will be executed. For more information about ARNs, see
311
- # [Amazon Resource Names (ARNs) and AWS Service
314
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
312
315
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
313
- # *AWS General Reference*.
314
- # @return [String]
315
- #
316
- # @!attribute [rw] target_id
317
- # TargetID is an AWS account identifier, typically a 10-12 digit
318
- # string (For example, 123456789012).
319
- # @return [String]
320
- #
321
- # @!attribute [rw] target_type
322
- # The entity type for which the assignment will be created.
316
+ # *Amazon Web Services General Reference*.
323
317
  # @return [String]
324
318
  #
325
319
  # @!attribute [rw] permission_set_arn
@@ -327,10 +321,6 @@ module Aws::SSOAdmin
327
321
  # principal access to.
328
322
  # @return [String]
329
323
  #
330
- # @!attribute [rw] principal_type
331
- # The entity type for which the assignment will be created.
332
- # @return [String]
333
- #
334
324
  # @!attribute [rw] principal_id
335
325
  # An identifier for an object in IAM Identity Center, such as a user
336
326
  # or group. PrincipalIds are GUIDs (For example,
@@ -340,15 +330,28 @@ module Aws::SSOAdmin
340
330
  # Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
341
331
  # @return [String]
342
332
  #
333
+ # @!attribute [rw] principal_type
334
+ # The entity type for which the assignment will be created.
335
+ # @return [String]
336
+ #
337
+ # @!attribute [rw] target_id
338
+ # TargetID is an Amazon Web Services account identifier, (For example,
339
+ # 123456789012).
340
+ # @return [String]
341
+ #
342
+ # @!attribute [rw] target_type
343
+ # The entity type for which the assignment will be created.
344
+ # @return [String]
345
+ #
343
346
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateAccountAssignmentRequest AWS API Documentation
344
347
  #
345
348
  class CreateAccountAssignmentRequest < Struct.new(
346
349
  :instance_arn,
347
- :target_id,
348
- :target_type,
349
350
  :permission_set_arn,
351
+ :principal_id,
350
352
  :principal_type,
351
- :principal_id)
353
+ :target_id,
354
+ :target_type)
352
355
  SENSITIVE = []
353
356
  include Aws::Structure
354
357
  end
@@ -365,11 +368,6 @@ module Aws::SSOAdmin
365
368
  include Aws::Structure
366
369
  end
367
370
 
368
- # @!attribute [rw] instance_arn
369
- # The ARN of the IAM Identity Center instance under which the
370
- # operation will be executed.
371
- # @return [String]
372
- #
373
371
  # @!attribute [rw] instance_access_control_attribute_configuration
374
372
  # Specifies the IAM Identity Center identity store attributes to add
375
373
  # to your ABAC configuration. When using an external identity provider
@@ -381,11 +379,16 @@ module Aws::SSOAdmin
381
379
  # Center identity store.
382
380
  # @return [Types::InstanceAccessControlAttributeConfiguration]
383
381
  #
382
+ # @!attribute [rw] instance_arn
383
+ # The ARN of the IAM Identity Center instance under which the
384
+ # operation will be executed.
385
+ # @return [String]
386
+ #
384
387
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
385
388
  #
386
389
  class CreateInstanceAccessControlAttributeConfigurationRequest < Struct.new(
387
- :instance_arn,
388
- :instance_access_control_attribute_configuration)
390
+ :instance_access_control_attribute_configuration,
391
+ :instance_arn)
389
392
  SENSITIVE = []
390
393
  include Aws::Structure
391
394
  end
@@ -394,10 +397,6 @@ module Aws::SSOAdmin
394
397
  #
395
398
  class CreateInstanceAccessControlAttributeConfigurationResponse < Aws::EmptyStructure; end
396
399
 
397
- # @!attribute [rw] name
398
- # The name of the PermissionSet.
399
- # @return [String]
400
- #
401
400
  # @!attribute [rw] description
402
401
  # The description of the PermissionSet.
403
402
  # @return [String]
@@ -405,14 +404,13 @@ module Aws::SSOAdmin
405
404
  # @!attribute [rw] instance_arn
406
405
  # The ARN of the IAM Identity Center instance under which the
407
406
  # operation will be executed. For more information about ARNs, see
408
- # [Amazon Resource Names (ARNs) and AWS Service
407
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
409
408
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
410
- # *AWS General Reference*.
409
+ # *Amazon Web Services General Reference*.
411
410
  # @return [String]
412
411
  #
413
- # @!attribute [rw] session_duration
414
- # The length of time that the application user sessions are valid in
415
- # the ISO-8601 standard.
412
+ # @!attribute [rw] name
413
+ # The name of the PermissionSet.
416
414
  # @return [String]
417
415
  #
418
416
  # @!attribute [rw] relay_state
@@ -420,6 +418,11 @@ module Aws::SSOAdmin
420
418
  # authentication process.
421
419
  # @return [String]
422
420
  #
421
+ # @!attribute [rw] session_duration
422
+ # The length of time that the application user sessions are valid in
423
+ # the ISO-8601 standard.
424
+ # @return [String]
425
+ #
423
426
  # @!attribute [rw] tags
424
427
  # The tags to attach to the new PermissionSet.
425
428
  # @return [Array<Types::Tag>]
@@ -427,18 +430,18 @@ module Aws::SSOAdmin
427
430
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreatePermissionSetRequest AWS API Documentation
428
431
  #
429
432
  class CreatePermissionSetRequest < Struct.new(
430
- :name,
431
433
  :description,
432
434
  :instance_arn,
433
- :session_duration,
435
+ :name,
434
436
  :relay_state,
437
+ :session_duration,
435
438
  :tags)
436
439
  SENSITIVE = []
437
440
  include Aws::Structure
438
441
  end
439
442
 
440
443
  # @!attribute [rw] permission_set
441
- # Defines the level of access on an AWS account.
444
+ # Defines the level of access on an Amazon Web Services account.
442
445
  # @return [Types::PermissionSet]
443
446
  #
444
447
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreatePermissionSetResponse AWS API Documentation
@@ -450,8 +453,8 @@ module Aws::SSOAdmin
450
453
  end
451
454
 
452
455
  # Specifies the name and path of a customer managed policy. You must
453
- # have an IAM policy that matches the name and path in each AWS account
454
- # where you want to deploy your permission set.
456
+ # have an IAM policy that matches the name and path in each Amazon Web
457
+ # Services account where you want to deploy your permission set.
455
458
  #
456
459
  # @!attribute [rw] name
457
460
  # The name of the IAM policy that you have configured in each account
@@ -481,28 +484,15 @@ module Aws::SSOAdmin
481
484
  # @!attribute [rw] instance_arn
482
485
  # The ARN of the IAM Identity Center instance under which the
483
486
  # operation will be executed. For more information about ARNs, see
484
- # [Amazon Resource Names (ARNs) and AWS Service
487
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
485
488
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
486
- # *AWS General Reference*.
487
- # @return [String]
488
- #
489
- # @!attribute [rw] target_id
490
- # TargetID is an AWS account identifier, typically a 10-12 digit
491
- # string (For example, 123456789012).
492
- # @return [String]
493
- #
494
- # @!attribute [rw] target_type
495
- # The entity type for which the assignment will be deleted.
489
+ # *Amazon Web Services General Reference*.
496
490
  # @return [String]
497
491
  #
498
492
  # @!attribute [rw] permission_set_arn
499
493
  # The ARN of the permission set that will be used to remove access.
500
494
  # @return [String]
501
495
  #
502
- # @!attribute [rw] principal_type
503
- # The entity type for which the assignment will be deleted.
504
- # @return [String]
505
- #
506
496
  # @!attribute [rw] principal_id
507
497
  # An identifier for an object in IAM Identity Center, such as a user
508
498
  # or group. PrincipalIds are GUIDs (For example,
@@ -512,15 +502,28 @@ module Aws::SSOAdmin
512
502
  # Reference](/singlesignon/latest/IdentityStoreAPIReference/welcome.html).
513
503
  # @return [String]
514
504
  #
505
+ # @!attribute [rw] principal_type
506
+ # The entity type for which the assignment will be deleted.
507
+ # @return [String]
508
+ #
509
+ # @!attribute [rw] target_id
510
+ # TargetID is an Amazon Web Services account identifier, (For example,
511
+ # 123456789012).
512
+ # @return [String]
513
+ #
514
+ # @!attribute [rw] target_type
515
+ # The entity type for which the assignment will be deleted.
516
+ # @return [String]
517
+ #
515
518
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteAccountAssignmentRequest AWS API Documentation
516
519
  #
517
520
  class DeleteAccountAssignmentRequest < Struct.new(
518
521
  :instance_arn,
519
- :target_id,
520
- :target_type,
521
522
  :permission_set_arn,
523
+ :principal_id,
522
524
  :principal_type,
523
- :principal_id)
525
+ :target_id,
526
+ :target_type)
524
527
  SENSITIVE = []
525
528
  include Aws::Structure
526
529
  end
@@ -540,9 +543,9 @@ module Aws::SSOAdmin
540
543
  # @!attribute [rw] instance_arn
541
544
  # The ARN of the IAM Identity Center instance under which the
542
545
  # operation will be executed. For more information about ARNs, see
543
- # [Amazon Resource Names (ARNs) and AWS Service
546
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
544
547
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
545
- # *AWS General Reference*.
548
+ # *Amazon Web Services General Reference*.
546
549
  # @return [String]
547
550
  #
548
551
  # @!attribute [rw] permission_set_arn
@@ -582,9 +585,9 @@ module Aws::SSOAdmin
582
585
  # @!attribute [rw] instance_arn
583
586
  # The ARN of the IAM Identity Center instance under which the
584
587
  # operation will be executed. For more information about ARNs, see
585
- # [Amazon Resource Names (ARNs) and AWS Service
588
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
586
589
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
587
- # *AWS General Reference*.
590
+ # *Amazon Web Services General Reference*.
588
591
  # @return [String]
589
592
  #
590
593
  # @!attribute [rw] permission_set_arn
@@ -626,23 +629,23 @@ module Aws::SSOAdmin
626
629
  #
627
630
  class DeletePermissionsBoundaryFromPermissionSetResponse < Aws::EmptyStructure; end
628
631
 
632
+ # @!attribute [rw] account_assignment_creation_request_id
633
+ # The identifier that is used to track the request operation progress.
634
+ # @return [String]
635
+ #
629
636
  # @!attribute [rw] instance_arn
630
637
  # The ARN of the IAM Identity Center instance under which the
631
638
  # operation will be executed. For more information about ARNs, see
632
- # [Amazon Resource Names (ARNs) and AWS Service
639
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
633
640
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
634
- # *AWS General Reference*.
635
- # @return [String]
636
- #
637
- # @!attribute [rw] account_assignment_creation_request_id
638
- # The identifier that is used to track the request operation progress.
641
+ # *Amazon Web Services General Reference*.
639
642
  # @return [String]
640
643
  #
641
644
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentCreationStatusRequest AWS API Documentation
642
645
  #
643
646
  class DescribeAccountAssignmentCreationStatusRequest < Struct.new(
644
- :instance_arn,
645
- :account_assignment_creation_request_id)
647
+ :account_assignment_creation_request_id,
648
+ :instance_arn)
646
649
  SENSITIVE = []
647
650
  include Aws::Structure
648
651
  end
@@ -659,23 +662,23 @@ module Aws::SSOAdmin
659
662
  include Aws::Structure
660
663
  end
661
664
 
665
+ # @!attribute [rw] account_assignment_deletion_request_id
666
+ # The identifier that is used to track the request operation progress.
667
+ # @return [String]
668
+ #
662
669
  # @!attribute [rw] instance_arn
663
670
  # The ARN of the IAM Identity Center instance under which the
664
671
  # operation will be executed. For more information about ARNs, see
665
- # [Amazon Resource Names (ARNs) and AWS Service
672
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
666
673
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
667
- # *AWS General Reference*.
668
- # @return [String]
669
- #
670
- # @!attribute [rw] account_assignment_deletion_request_id
671
- # The identifier that is used to track the request operation progress.
674
+ # *Amazon Web Services General Reference*.
672
675
  # @return [String]
673
676
  #
674
677
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentDeletionStatusRequest AWS API Documentation
675
678
  #
676
679
  class DescribeAccountAssignmentDeletionStatusRequest < Struct.new(
677
- :instance_arn,
678
- :account_assignment_deletion_request_id)
680
+ :account_assignment_deletion_request_id,
681
+ :instance_arn)
679
682
  SENSITIVE = []
680
683
  include Aws::Structure
681
684
  end
@@ -705,6 +708,11 @@ module Aws::SSOAdmin
705
708
  include Aws::Structure
706
709
  end
707
710
 
711
+ # @!attribute [rw] instance_access_control_attribute_configuration
712
+ # Gets the list of IAM Identity Center identity store attributes that
713
+ # have been added to your ABAC configuration.
714
+ # @return [Types::InstanceAccessControlAttributeConfiguration]
715
+ #
708
716
  # @!attribute [rw] status
709
717
  # The status of the attribute configuration process.
710
718
  # @return [String]
@@ -714,17 +722,12 @@ module Aws::SSOAdmin
714
722
  # attribute.
715
723
  # @return [String]
716
724
  #
717
- # @!attribute [rw] instance_access_control_attribute_configuration
718
- # Gets the list of IAM Identity Center identity store attributes that
719
- # have been added to your ABAC configuration.
720
- # @return [Types::InstanceAccessControlAttributeConfiguration]
721
- #
722
725
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeInstanceAccessControlAttributeConfigurationResponse AWS API Documentation
723
726
  #
724
727
  class DescribeInstanceAccessControlAttributeConfigurationResponse < Struct.new(
728
+ :instance_access_control_attribute_configuration,
725
729
  :status,
726
- :status_reason,
727
- :instance_access_control_attribute_configuration)
730
+ :status_reason)
728
731
  SENSITIVE = []
729
732
  include Aws::Structure
730
733
  end
@@ -732,9 +735,9 @@ module Aws::SSOAdmin
732
735
  # @!attribute [rw] instance_arn
733
736
  # The ARN of the IAM Identity Center instance under which the
734
737
  # operation will be executed. For more information about ARNs, see
735
- # [Amazon Resource Names (ARNs) and AWS Service
738
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
736
739
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
737
- # *AWS General Reference*.
740
+ # *Amazon Web Services General Reference*.
738
741
  # @return [String]
739
742
  #
740
743
  # @!attribute [rw] provision_permission_set_request_id
@@ -766,9 +769,9 @@ module Aws::SSOAdmin
766
769
  # @!attribute [rw] instance_arn
767
770
  # The ARN of the IAM Identity Center instance under which the
768
771
  # operation will be executed. For more information about ARNs, see
769
- # [Amazon Resource Names (ARNs) and AWS Service
772
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
770
773
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
771
- # *AWS General Reference*.
774
+ # *Amazon Web Services General Reference*.
772
775
  # @return [String]
773
776
  #
774
777
  # @!attribute [rw] permission_set_arn
@@ -785,7 +788,7 @@ module Aws::SSOAdmin
785
788
  end
786
789
 
787
790
  # @!attribute [rw] permission_set
788
- # Describes the level of access on an AWS account.
791
+ # Describes the level of access on an Amazon Web Services account.
789
792
  # @return [Types::PermissionSet]
790
793
  #
791
794
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSetResponse AWS API Documentation
@@ -796,6 +799,12 @@ module Aws::SSOAdmin
796
799
  include Aws::Structure
797
800
  end
798
801
 
802
+ # @!attribute [rw] customer_managed_policy_reference
803
+ # Specifies the name and path of a customer managed policy. You must
804
+ # have an IAM policy that matches the name and path in each Amazon Web
805
+ # Services account where you want to deploy your permission set.
806
+ # @return [Types::CustomerManagedPolicyReference]
807
+ #
799
808
  # @!attribute [rw] instance_arn
800
809
  # The ARN of the IAM Identity Center instance under which the
801
810
  # operation will be executed.
@@ -805,18 +814,12 @@ module Aws::SSOAdmin
805
814
  # The ARN of the `PermissionSet`.
806
815
  # @return [String]
807
816
  #
808
- # @!attribute [rw] customer_managed_policy_reference
809
- # Specifies the name and path of a customer managed policy. You must
810
- # have an IAM policy that matches the name and path in each AWS
811
- # account where you want to deploy your permission set.
812
- # @return [Types::CustomerManagedPolicyReference]
813
- #
814
817
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachCustomerManagedPolicyReferenceFromPermissionSetRequest AWS API Documentation
815
818
  #
816
819
  class DetachCustomerManagedPolicyReferenceFromPermissionSetRequest < Struct.new(
820
+ :customer_managed_policy_reference,
817
821
  :instance_arn,
818
- :permission_set_arn,
819
- :customer_managed_policy_reference)
822
+ :permission_set_arn)
820
823
  SENSITIVE = []
821
824
  include Aws::Structure
822
825
  end
@@ -828,9 +831,14 @@ module Aws::SSOAdmin
828
831
  # @!attribute [rw] instance_arn
829
832
  # The ARN of the IAM Identity Center instance under which the
830
833
  # operation will be executed. For more information about ARNs, see
831
- # [Amazon Resource Names (ARNs) and AWS Service
834
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
832
835
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
833
- # *AWS General Reference*.
836
+ # *Amazon Web Services General Reference*.
837
+ # @return [String]
838
+ #
839
+ # @!attribute [rw] managed_policy_arn
840
+ # The Amazon Web Services managed policy ARN to be detached from a
841
+ # permission set.
834
842
  # @return [String]
835
843
  #
836
844
  # @!attribute [rw] permission_set_arn
@@ -838,16 +846,12 @@ module Aws::SSOAdmin
838
846
  # detached.
839
847
  # @return [String]
840
848
  #
841
- # @!attribute [rw] managed_policy_arn
842
- # The AWS managed policy ARN to be detached from a permission set.
843
- # @return [String]
844
- #
845
849
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachManagedPolicyFromPermissionSetRequest AWS API Documentation
846
850
  #
847
851
  class DetachManagedPolicyFromPermissionSetRequest < Struct.new(
848
852
  :instance_arn,
849
- :permission_set_arn,
850
- :managed_policy_arn)
853
+ :managed_policy_arn,
854
+ :permission_set_arn)
851
855
  SENSITIVE = []
852
856
  include Aws::Structure
853
857
  end
@@ -859,9 +863,9 @@ module Aws::SSOAdmin
859
863
  # @!attribute [rw] instance_arn
860
864
  # The ARN of the IAM Identity Center instance under which the
861
865
  # operation will be executed. For more information about ARNs, see
862
- # [Amazon Resource Names (ARNs) and AWS Service
866
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
863
867
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
864
- # *AWS General Reference*.
868
+ # *Amazon Web Services General Reference*.
865
869
  # @return [String]
866
870
  #
867
871
  # @!attribute [rw] permission_set_arn
@@ -879,6 +883,12 @@ module Aws::SSOAdmin
879
883
 
880
884
  # @!attribute [rw] inline_policy
881
885
  # The inline policy that is attached to the permission set.
886
+ #
887
+ # <note markdown="1"> For `Length Constraints`, if a valid ARN is provided for a
888
+ # permission set, it is possible for an empty inline policy to be
889
+ # returned.
890
+ #
891
+ # </note>
882
892
  # @return [String]
883
893
  #
884
894
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/GetInlinePolicyForPermissionSetResponse AWS API Documentation
@@ -937,24 +947,24 @@ module Aws::SSOAdmin
937
947
 
938
948
  # Provides information about the IAM Identity Center instance.
939
949
  #
950
+ # @!attribute [rw] identity_store_id
951
+ # The identifier of the identity store that is connected to the IAM
952
+ # Identity Center instance.
953
+ # @return [String]
954
+ #
940
955
  # @!attribute [rw] instance_arn
941
956
  # The ARN of the IAM Identity Center instance under which the
942
957
  # operation will be executed. For more information about ARNs, see
943
- # [Amazon Resource Names (ARNs) and AWS Service
958
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
944
959
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
945
- # *AWS General Reference*.
946
- # @return [String]
947
- #
948
- # @!attribute [rw] identity_store_id
949
- # The identifier of the identity store that is connected to the IAM
950
- # Identity Center instance.
960
+ # *Amazon Web Services General Reference*.
951
961
  # @return [String]
952
962
  #
953
963
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/InstanceMetadata AWS API Documentation
954
964
  #
955
965
  class InstanceMetadata < Struct.new(
956
- :instance_arn,
957
- :identity_store_id)
966
+ :identity_store_id,
967
+ :instance_arn)
958
968
  SENSITIVE = []
959
969
  include Aws::Structure
960
970
  end
@@ -973,12 +983,16 @@ module Aws::SSOAdmin
973
983
  include Aws::Structure
974
984
  end
975
985
 
986
+ # @!attribute [rw] filter
987
+ # Filters results based on the passed attribute value.
988
+ # @return [Types::OperationStatusFilter]
989
+ #
976
990
  # @!attribute [rw] instance_arn
977
991
  # The ARN of the IAM Identity Center instance under which the
978
992
  # operation will be executed. For more information about ARNs, see
979
- # [Amazon Resource Names (ARNs) and AWS Service
993
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
980
994
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
981
- # *AWS General Reference*.
995
+ # *Amazon Web Services General Reference*.
982
996
  # @return [String]
983
997
  #
984
998
  # @!attribute [rw] max_results
@@ -990,17 +1004,13 @@ module Aws::SSOAdmin
990
1004
  # Use the output of previous API calls to make subsequent calls.
991
1005
  # @return [String]
992
1006
  #
993
- # @!attribute [rw] filter
994
- # Filters results based on the passed attribute value.
995
- # @return [Types::OperationStatusFilter]
996
- #
997
1007
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentCreationStatusRequest AWS API Documentation
998
1008
  #
999
1009
  class ListAccountAssignmentCreationStatusRequest < Struct.new(
1010
+ :filter,
1000
1011
  :instance_arn,
1001
1012
  :max_results,
1002
- :next_token,
1003
- :filter)
1013
+ :next_token)
1004
1014
  SENSITIVE = []
1005
1015
  include Aws::Structure
1006
1016
  end
@@ -1023,12 +1033,16 @@ module Aws::SSOAdmin
1023
1033
  include Aws::Structure
1024
1034
  end
1025
1035
 
1036
+ # @!attribute [rw] filter
1037
+ # Filters results based on the passed attribute value.
1038
+ # @return [Types::OperationStatusFilter]
1039
+ #
1026
1040
  # @!attribute [rw] instance_arn
1027
1041
  # The ARN of the IAM Identity Center instance under which the
1028
1042
  # operation will be executed. For more information about ARNs, see
1029
- # [Amazon Resource Names (ARNs) and AWS Service
1043
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1030
1044
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1031
- # *AWS General Reference*.
1045
+ # *Amazon Web Services General Reference*.
1032
1046
  # @return [String]
1033
1047
  #
1034
1048
  # @!attribute [rw] max_results
@@ -1040,17 +1054,13 @@ module Aws::SSOAdmin
1040
1054
  # Use the output of previous API calls to make subsequent calls.
1041
1055
  # @return [String]
1042
1056
  #
1043
- # @!attribute [rw] filter
1044
- # Filters results based on the passed attribute value.
1045
- # @return [Types::OperationStatusFilter]
1046
- #
1047
1057
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentDeletionStatusRequest AWS API Documentation
1048
1058
  #
1049
1059
  class ListAccountAssignmentDeletionStatusRequest < Struct.new(
1060
+ :filter,
1050
1061
  :instance_arn,
1051
1062
  :max_results,
1052
- :next_token,
1053
- :filter)
1063
+ :next_token)
1054
1064
  SENSITIVE = []
1055
1065
  include Aws::Structure
1056
1066
  end
@@ -1073,21 +1083,17 @@ module Aws::SSOAdmin
1073
1083
  include Aws::Structure
1074
1084
  end
1075
1085
 
1086
+ # @!attribute [rw] account_id
1087
+ # The identifier of the Amazon Web Services account from which to list
1088
+ # the assignments.
1089
+ # @return [String]
1090
+ #
1076
1091
  # @!attribute [rw] instance_arn
1077
1092
  # The ARN of the IAM Identity Center instance under which the
1078
1093
  # operation will be executed. For more information about ARNs, see
1079
- # [Amazon Resource Names (ARNs) and AWS Service
1094
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1080
1095
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1081
- # *AWS General Reference*.
1082
- # @return [String]
1083
- #
1084
- # @!attribute [rw] account_id
1085
- # The identifier of the AWS account from which to list the
1086
- # assignments.
1087
- # @return [String]
1088
- #
1089
- # @!attribute [rw] permission_set_arn
1090
- # The ARN of the permission set from which to list assignments.
1096
+ # *Amazon Web Services General Reference*.
1091
1097
  # @return [String]
1092
1098
  #
1093
1099
  # @!attribute [rw] max_results
@@ -1099,21 +1105,25 @@ module Aws::SSOAdmin
1099
1105
  # Use the output of previous API calls to make subsequent calls.
1100
1106
  # @return [String]
1101
1107
  #
1108
+ # @!attribute [rw] permission_set_arn
1109
+ # The ARN of the permission set from which to list assignments.
1110
+ # @return [String]
1111
+ #
1102
1112
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentsRequest AWS API Documentation
1103
1113
  #
1104
1114
  class ListAccountAssignmentsRequest < Struct.new(
1105
- :instance_arn,
1106
1115
  :account_id,
1107
- :permission_set_arn,
1116
+ :instance_arn,
1108
1117
  :max_results,
1109
- :next_token)
1118
+ :next_token,
1119
+ :permission_set_arn)
1110
1120
  SENSITIVE = []
1111
1121
  include Aws::Structure
1112
1122
  end
1113
1123
 
1114
1124
  # @!attribute [rw] account_assignments
1115
- # The list of assignments that match the input AWS account and
1116
- # permission set.
1125
+ # The list of assignments that match the input Amazon Web Services
1126
+ # account and permission set.
1117
1127
  # @return [Array<Types::AccountAssignment>]
1118
1128
  #
1119
1129
  # @!attribute [rw] next_token
@@ -1133,18 +1143,9 @@ module Aws::SSOAdmin
1133
1143
  # @!attribute [rw] instance_arn
1134
1144
  # The ARN of the IAM Identity Center instance under which the
1135
1145
  # operation will be executed. For more information about ARNs, see
1136
- # [Amazon Resource Names (ARNs) and AWS Service
1146
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1137
1147
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1138
- # *AWS General Reference*.
1139
- # @return [String]
1140
- #
1141
- # @!attribute [rw] permission_set_arn
1142
- # The ARN of the PermissionSet from which the associated AWS accounts
1143
- # will be listed.
1144
- # @return [String]
1145
- #
1146
- # @!attribute [rw] provisioning_status
1147
- # The permission set provisioning status for an AWS account.
1148
+ # *Amazon Web Services General Reference*.
1148
1149
  # @return [String]
1149
1150
  #
1150
1151
  # @!attribute [rw] max_results
@@ -1156,20 +1157,30 @@ module Aws::SSOAdmin
1156
1157
  # Use the output of previous API calls to make subsequent calls.
1157
1158
  # @return [String]
1158
1159
  #
1160
+ # @!attribute [rw] permission_set_arn
1161
+ # The ARN of the PermissionSet from which the associated Amazon Web
1162
+ # Services accounts will be listed.
1163
+ # @return [String]
1164
+ #
1165
+ # @!attribute [rw] provisioning_status
1166
+ # The permission set provisioning status for an Amazon Web Services
1167
+ # account.
1168
+ # @return [String]
1169
+ #
1159
1170
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountsForProvisionedPermissionSetRequest AWS API Documentation
1160
1171
  #
1161
1172
  class ListAccountsForProvisionedPermissionSetRequest < Struct.new(
1162
1173
  :instance_arn,
1163
- :permission_set_arn,
1164
- :provisioning_status,
1165
1174
  :max_results,
1166
- :next_token)
1175
+ :next_token,
1176
+ :permission_set_arn,
1177
+ :provisioning_status)
1167
1178
  SENSITIVE = []
1168
1179
  include Aws::Structure
1169
1180
  end
1170
1181
 
1171
1182
  # @!attribute [rw] account_ids
1172
- # The list of AWS `AccountIds`.
1183
+ # The list of Amazon Web Services `AccountIds`.
1173
1184
  # @return [Array<String>]
1174
1185
  #
1175
1186
  # @!attribute [rw] next_token
@@ -1191,10 +1202,6 @@ module Aws::SSOAdmin
1191
1202
  # operation will be executed.
1192
1203
  # @return [String]
1193
1204
  #
1194
- # @!attribute [rw] permission_set_arn
1195
- # The ARN of the `PermissionSet`.
1196
- # @return [String]
1197
- #
1198
1205
  # @!attribute [rw] max_results
1199
1206
  # The maximum number of results to display for the list call.
1200
1207
  # @return [Integer]
@@ -1204,13 +1211,17 @@ module Aws::SSOAdmin
1204
1211
  # Use the output of previous API calls to make subsequent calls.
1205
1212
  # @return [String]
1206
1213
  #
1214
+ # @!attribute [rw] permission_set_arn
1215
+ # The ARN of the `PermissionSet`.
1216
+ # @return [String]
1217
+ #
1207
1218
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListCustomerManagedPolicyReferencesInPermissionSetRequest AWS API Documentation
1208
1219
  #
1209
1220
  class ListCustomerManagedPolicyReferencesInPermissionSetRequest < Struct.new(
1210
1221
  :instance_arn,
1211
- :permission_set_arn,
1212
1222
  :max_results,
1213
- :next_token)
1223
+ :next_token,
1224
+ :permission_set_arn)
1214
1225
  SENSITIVE = []
1215
1226
  include Aws::Structure
1216
1227
  end
@@ -1274,13 +1285,9 @@ module Aws::SSOAdmin
1274
1285
  # @!attribute [rw] instance_arn
1275
1286
  # The ARN of the IAM Identity Center instance under which the
1276
1287
  # operation will be executed. For more information about ARNs, see
1277
- # [Amazon Resource Names (ARNs) and AWS Service
1288
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1278
1289
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1279
- # *AWS General Reference*.
1280
- # @return [String]
1281
- #
1282
- # @!attribute [rw] permission_set_arn
1283
- # The ARN of the PermissionSet whose managed policies will be listed.
1290
+ # *Amazon Web Services General Reference*.
1284
1291
  # @return [String]
1285
1292
  #
1286
1293
  # @!attribute [rw] max_results
@@ -1292,13 +1299,17 @@ module Aws::SSOAdmin
1292
1299
  # Use the output of previous API calls to make subsequent calls.
1293
1300
  # @return [String]
1294
1301
  #
1302
+ # @!attribute [rw] permission_set_arn
1303
+ # The ARN of the PermissionSet whose managed policies will be listed.
1304
+ # @return [String]
1305
+ #
1295
1306
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListManagedPoliciesInPermissionSetRequest AWS API Documentation
1296
1307
  #
1297
1308
  class ListManagedPoliciesInPermissionSetRequest < Struct.new(
1298
1309
  :instance_arn,
1299
- :permission_set_arn,
1300
1310
  :max_results,
1301
- :next_token)
1311
+ :next_token,
1312
+ :permission_set_arn)
1302
1313
  SENSITIVE = []
1303
1314
  include Aws::Structure
1304
1315
  end
@@ -1321,12 +1332,16 @@ module Aws::SSOAdmin
1321
1332
  include Aws::Structure
1322
1333
  end
1323
1334
 
1335
+ # @!attribute [rw] filter
1336
+ # Filters results based on the passed attribute value.
1337
+ # @return [Types::OperationStatusFilter]
1338
+ #
1324
1339
  # @!attribute [rw] instance_arn
1325
1340
  # The ARN of the IAM Identity Center instance under which the
1326
1341
  # operation will be executed. For more information about ARNs, see
1327
- # [Amazon Resource Names (ARNs) and AWS Service
1342
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1328
1343
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1329
- # *AWS General Reference*.
1344
+ # *Amazon Web Services General Reference*.
1330
1345
  # @return [String]
1331
1346
  #
1332
1347
  # @!attribute [rw] max_results
@@ -1338,54 +1353,46 @@ module Aws::SSOAdmin
1338
1353
  # Use the output of previous API calls to make subsequent calls.
1339
1354
  # @return [String]
1340
1355
  #
1341
- # @!attribute [rw] filter
1342
- # Filters results based on the passed attribute value.
1343
- # @return [Types::OperationStatusFilter]
1344
- #
1345
1356
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetProvisioningStatusRequest AWS API Documentation
1346
1357
  #
1347
1358
  class ListPermissionSetProvisioningStatusRequest < Struct.new(
1359
+ :filter,
1348
1360
  :instance_arn,
1349
1361
  :max_results,
1350
- :next_token,
1351
- :filter)
1362
+ :next_token)
1352
1363
  SENSITIVE = []
1353
1364
  include Aws::Structure
1354
1365
  end
1355
1366
 
1356
- # @!attribute [rw] permission_sets_provisioning_status
1357
- # The status object for the permission set provisioning operation.
1358
- # @return [Array<Types::PermissionSetProvisioningStatusMetadata>]
1359
- #
1360
1367
  # @!attribute [rw] next_token
1361
1368
  # The pagination token for the list API. Initially the value is null.
1362
1369
  # Use the output of previous API calls to make subsequent calls.
1363
1370
  # @return [String]
1364
1371
  #
1372
+ # @!attribute [rw] permission_sets_provisioning_status
1373
+ # The status object for the permission set provisioning operation.
1374
+ # @return [Array<Types::PermissionSetProvisioningStatusMetadata>]
1375
+ #
1365
1376
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetProvisioningStatusResponse AWS API Documentation
1366
1377
  #
1367
1378
  class ListPermissionSetProvisioningStatusResponse < Struct.new(
1368
- :permission_sets_provisioning_status,
1369
- :next_token)
1379
+ :next_token,
1380
+ :permission_sets_provisioning_status)
1370
1381
  SENSITIVE = []
1371
1382
  include Aws::Structure
1372
1383
  end
1373
1384
 
1385
+ # @!attribute [rw] account_id
1386
+ # The identifier of the Amazon Web Services account from which to list
1387
+ # the assignments.
1388
+ # @return [String]
1389
+ #
1374
1390
  # @!attribute [rw] instance_arn
1375
1391
  # The ARN of the IAM Identity Center instance under which the
1376
1392
  # operation will be executed. For more information about ARNs, see
1377
- # [Amazon Resource Names (ARNs) and AWS Service
1393
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1378
1394
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1379
- # *AWS General Reference*.
1380
- # @return [String]
1381
- #
1382
- # @!attribute [rw] account_id
1383
- # The identifier of the AWS account from which to list the
1384
- # assignments.
1385
- # @return [String]
1386
- #
1387
- # @!attribute [rw] provisioning_status
1388
- # The status object for the permission set provisioning operation.
1395
+ # *Amazon Web Services General Reference*.
1389
1396
  # @return [String]
1390
1397
  #
1391
1398
  # @!attribute [rw] max_results
@@ -1397,14 +1404,18 @@ module Aws::SSOAdmin
1397
1404
  # Use the output of previous API calls to make subsequent calls.
1398
1405
  # @return [String]
1399
1406
  #
1407
+ # @!attribute [rw] provisioning_status
1408
+ # The status object for the permission set provisioning operation.
1409
+ # @return [String]
1410
+ #
1400
1411
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsProvisionedToAccountRequest AWS API Documentation
1401
1412
  #
1402
1413
  class ListPermissionSetsProvisionedToAccountRequest < Struct.new(
1403
- :instance_arn,
1404
1414
  :account_id,
1405
- :provisioning_status,
1415
+ :instance_arn,
1406
1416
  :max_results,
1407
- :next_token)
1417
+ :next_token,
1418
+ :provisioning_status)
1408
1419
  SENSITIVE = []
1409
1420
  include Aws::Structure
1410
1421
  end
@@ -1415,7 +1426,7 @@ module Aws::SSOAdmin
1415
1426
  # @return [String]
1416
1427
  #
1417
1428
  # @!attribute [rw] permission_sets
1418
- # Defines the level of access that an AWS account has.
1429
+ # Defines the level of access that an Amazon Web Services account has.
1419
1430
  # @return [Array<String>]
1420
1431
  #
1421
1432
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsProvisionedToAccountResponse AWS API Documentation
@@ -1430,44 +1441,44 @@ module Aws::SSOAdmin
1430
1441
  # @!attribute [rw] instance_arn
1431
1442
  # The ARN of the IAM Identity Center instance under which the
1432
1443
  # operation will be executed. For more information about ARNs, see
1433
- # [Amazon Resource Names (ARNs) and AWS Service
1444
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1434
1445
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1435
- # *AWS General Reference*.
1446
+ # *Amazon Web Services General Reference*.
1436
1447
  # @return [String]
1437
1448
  #
1449
+ # @!attribute [rw] max_results
1450
+ # The maximum number of results to display for the assignment.
1451
+ # @return [Integer]
1452
+ #
1438
1453
  # @!attribute [rw] next_token
1439
1454
  # The pagination token for the list API. Initially the value is null.
1440
1455
  # Use the output of previous API calls to make subsequent calls.
1441
1456
  # @return [String]
1442
1457
  #
1443
- # @!attribute [rw] max_results
1444
- # The maximum number of results to display for the assignment.
1445
- # @return [Integer]
1446
- #
1447
1458
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsRequest AWS API Documentation
1448
1459
  #
1449
1460
  class ListPermissionSetsRequest < Struct.new(
1450
1461
  :instance_arn,
1451
- :next_token,
1452
- :max_results)
1462
+ :max_results,
1463
+ :next_token)
1453
1464
  SENSITIVE = []
1454
1465
  include Aws::Structure
1455
1466
  end
1456
1467
 
1457
- # @!attribute [rw] permission_sets
1458
- # Defines the level of access on an AWS account.
1459
- # @return [Array<String>]
1460
- #
1461
1468
  # @!attribute [rw] next_token
1462
1469
  # The pagination token for the list API. Initially the value is null.
1463
1470
  # Use the output of previous API calls to make subsequent calls.
1464
1471
  # @return [String]
1465
1472
  #
1473
+ # @!attribute [rw] permission_sets
1474
+ # Defines the level of access on an Amazon Web Services account.
1475
+ # @return [Array<String>]
1476
+ #
1466
1477
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsResponse AWS API Documentation
1467
1478
  #
1468
1479
  class ListPermissionSetsResponse < Struct.new(
1469
- :permission_sets,
1470
- :next_token)
1480
+ :next_token,
1481
+ :permission_sets)
1471
1482
  SENSITIVE = []
1472
1483
  include Aws::Structure
1473
1484
  end
@@ -1475,13 +1486,9 @@ module Aws::SSOAdmin
1475
1486
  # @!attribute [rw] instance_arn
1476
1487
  # The ARN of the IAM Identity Center instance under which the
1477
1488
  # operation will be executed. For more information about ARNs, see
1478
- # [Amazon Resource Names (ARNs) and AWS Service
1489
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1479
1490
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1480
- # *AWS General Reference*.
1481
- # @return [String]
1482
- #
1483
- # @!attribute [rw] resource_arn
1484
- # The ARN of the resource with the tags to be listed.
1491
+ # *Amazon Web Services General Reference*.
1485
1492
  # @return [String]
1486
1493
  #
1487
1494
  # @!attribute [rw] next_token
@@ -1489,30 +1496,34 @@ module Aws::SSOAdmin
1489
1496
  # Use the output of previous API calls to make subsequent calls.
1490
1497
  # @return [String]
1491
1498
  #
1499
+ # @!attribute [rw] resource_arn
1500
+ # The ARN of the resource with the tags to be listed.
1501
+ # @return [String]
1502
+ #
1492
1503
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListTagsForResourceRequest AWS API Documentation
1493
1504
  #
1494
1505
  class ListTagsForResourceRequest < Struct.new(
1495
1506
  :instance_arn,
1496
- :resource_arn,
1497
- :next_token)
1507
+ :next_token,
1508
+ :resource_arn)
1498
1509
  SENSITIVE = []
1499
1510
  include Aws::Structure
1500
1511
  end
1501
1512
 
1502
- # @!attribute [rw] tags
1503
- # A set of key-value pairs that are used to manage the resource.
1504
- # @return [Array<Types::Tag>]
1505
- #
1506
1513
  # @!attribute [rw] next_token
1507
1514
  # The pagination token for the list API. Initially the value is null.
1508
1515
  # Use the output of previous API calls to make subsequent calls.
1509
1516
  # @return [String]
1510
1517
  #
1518
+ # @!attribute [rw] tags
1519
+ # A set of key-value pairs that are used to manage the resource.
1520
+ # @return [Array<Types::Tag>]
1521
+ #
1511
1522
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListTagsForResourceResponse AWS API Documentation
1512
1523
  #
1513
1524
  class ListTagsForResourceResponse < Struct.new(
1514
- :tags,
1515
- :next_token)
1525
+ :next_token,
1526
+ :tags)
1516
1527
  SENSITIVE = []
1517
1528
  include Aws::Structure
1518
1529
  end
@@ -1533,44 +1544,44 @@ module Aws::SSOAdmin
1533
1544
 
1534
1545
  # An entity that contains IAM policies.
1535
1546
  #
1547
+ # @!attribute [rw] created_date
1548
+ # The date that the permission set was created.
1549
+ # @return [Time]
1550
+ #
1551
+ # @!attribute [rw] description
1552
+ # The description of the PermissionSet.
1553
+ # @return [String]
1554
+ #
1536
1555
  # @!attribute [rw] name
1537
1556
  # The name of the permission set.
1538
1557
  # @return [String]
1539
1558
  #
1540
1559
  # @!attribute [rw] permission_set_arn
1541
1560
  # The ARN of the permission set. For more information about ARNs, see
1542
- # [Amazon Resource Names (ARNs) and AWS Service
1561
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1543
1562
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1544
- # *AWS General Reference*.
1563
+ # *Amazon Web Services General Reference*.
1545
1564
  # @return [String]
1546
1565
  #
1547
- # @!attribute [rw] description
1548
- # The description of the PermissionSet.
1566
+ # @!attribute [rw] relay_state
1567
+ # Used to redirect users within the application during the federation
1568
+ # authentication process.
1549
1569
  # @return [String]
1550
1570
  #
1551
- # @!attribute [rw] created_date
1552
- # The date that the permission set was created.
1553
- # @return [Time]
1554
- #
1555
1571
  # @!attribute [rw] session_duration
1556
1572
  # The length of time that the application user sessions are valid for
1557
1573
  # in the ISO-8601 standard.
1558
1574
  # @return [String]
1559
1575
  #
1560
- # @!attribute [rw] relay_state
1561
- # Used to redirect users within the application during the federation
1562
- # authentication process.
1563
- # @return [String]
1564
- #
1565
1576
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionSet AWS API Documentation
1566
1577
  #
1567
1578
  class PermissionSet < Struct.new(
1579
+ :created_date,
1580
+ :description,
1568
1581
  :name,
1569
1582
  :permission_set_arn,
1570
- :description,
1571
- :created_date,
1572
- :session_duration,
1573
- :relay_state)
1583
+ :relay_state,
1584
+ :session_duration)
1574
1585
  SENSITIVE = []
1575
1586
  include Aws::Structure
1576
1587
  end
@@ -1578,82 +1589,83 @@ module Aws::SSOAdmin
1578
1589
  # A structure that is used to provide the status of the provisioning
1579
1590
  # operation for a specified permission set.
1580
1591
  #
1581
- # @!attribute [rw] status
1582
- # The status of the permission set provisioning process.
1592
+ # @!attribute [rw] account_id
1593
+ # The identifier of the Amazon Web Services account from which to list
1594
+ # the assignments.
1583
1595
  # @return [String]
1584
1596
  #
1585
- # @!attribute [rw] request_id
1586
- # The identifier for tracking the request operation that is generated
1587
- # by the universally unique identifier (UUID) workflow.
1588
- # @return [String]
1597
+ # @!attribute [rw] created_date
1598
+ # The date that the permission set was created.
1599
+ # @return [Time]
1589
1600
  #
1590
- # @!attribute [rw] account_id
1591
- # The identifier of the AWS account from which to list the
1592
- # assignments.
1601
+ # @!attribute [rw] failure_reason
1602
+ # The message that contains an error or exception in case of an
1603
+ # operation failure.
1593
1604
  # @return [String]
1594
1605
  #
1595
1606
  # @!attribute [rw] permission_set_arn
1596
1607
  # The ARN of the permission set that is being provisioned. For more
1597
- # information about ARNs, see [Amazon Resource Names (ARNs) and AWS
1598
- # Service Namespaces](/general/latest/gr/aws-arns-and-namespaces.html)
1599
- # in the *AWS General Reference*.
1608
+ # information about ARNs, see [Amazon Resource Names (ARNs) and Amazon
1609
+ # Web Services Service
1610
+ # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1611
+ # *Amazon Web Services General Reference*.
1600
1612
  # @return [String]
1601
1613
  #
1602
- # @!attribute [rw] failure_reason
1603
- # The message that contains an error or exception in case of an
1604
- # operation failure.
1614
+ # @!attribute [rw] request_id
1615
+ # The identifier for tracking the request operation that is generated
1616
+ # by the universally unique identifier (UUID) workflow.
1605
1617
  # @return [String]
1606
1618
  #
1607
- # @!attribute [rw] created_date
1608
- # The date that the permission set was created.
1609
- # @return [Time]
1619
+ # @!attribute [rw] status
1620
+ # The status of the permission set provisioning process.
1621
+ # @return [String]
1610
1622
  #
1611
1623
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionSetProvisioningStatus AWS API Documentation
1612
1624
  #
1613
1625
  class PermissionSetProvisioningStatus < Struct.new(
1614
- :status,
1615
- :request_id,
1616
1626
  :account_id,
1617
- :permission_set_arn,
1627
+ :created_date,
1618
1628
  :failure_reason,
1619
- :created_date)
1629
+ :permission_set_arn,
1630
+ :request_id,
1631
+ :status)
1620
1632
  SENSITIVE = []
1621
1633
  include Aws::Structure
1622
1634
  end
1623
1635
 
1624
1636
  # Provides information about the permission set provisioning status.
1625
1637
  #
1626
- # @!attribute [rw] status
1627
- # The status of the permission set provisioning process.
1628
- # @return [String]
1638
+ # @!attribute [rw] created_date
1639
+ # The date that the permission set was created.
1640
+ # @return [Time]
1629
1641
  #
1630
1642
  # @!attribute [rw] request_id
1631
1643
  # The identifier for tracking the request operation that is generated
1632
1644
  # by the universally unique identifier (UUID) workflow.
1633
1645
  # @return [String]
1634
1646
  #
1635
- # @!attribute [rw] created_date
1636
- # The date that the permission set was created.
1637
- # @return [Time]
1647
+ # @!attribute [rw] status
1648
+ # The status of the permission set provisioning process.
1649
+ # @return [String]
1638
1650
  #
1639
1651
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionSetProvisioningStatusMetadata AWS API Documentation
1640
1652
  #
1641
1653
  class PermissionSetProvisioningStatusMetadata < Struct.new(
1642
- :status,
1654
+ :created_date,
1643
1655
  :request_id,
1644
- :created_date)
1656
+ :status)
1645
1657
  SENSITIVE = []
1646
1658
  include Aws::Structure
1647
1659
  end
1648
1660
 
1649
- # Specifies the configuration of the AWS managed or customer managed
1650
- # policy that you want to set as a permissions boundary. Specify either
1651
- # `CustomerManagedPolicyReference` to use the name and path of a
1652
- # customer managed policy, or `ManagedPolicyArn` to use the ARN of an
1653
- # AWS managed policy. A permissions boundary represents the maximum
1654
- # permissions that any policy can grant your role. For more information,
1655
- # see [Permissions boundaries for IAM entities][1] in the *IAM User
1656
- # Guide*.
1661
+ # Specifies the configuration of the Amazon Web Services managed or
1662
+ # customer managed policy that you want to set as a permissions
1663
+ # boundary. Specify either `CustomerManagedPolicyReference` to use the
1664
+ # name and path of a customer managed policy, or `ManagedPolicyArn` to
1665
+ # use the ARN of an Amazon Web Services managed policy. A permissions
1666
+ # boundary represents the maximum permissions that any policy can grant
1667
+ # your role. For more information, see [Permissions boundaries for IAM
1668
+ # entities][1] in the *IAM User Guide*.
1657
1669
  #
1658
1670
  # Policies used as permissions boundaries don't provide permissions.
1659
1671
  # You must also attach an IAM policy to the role. To learn how the
@@ -1667,13 +1679,13 @@ module Aws::SSOAdmin
1667
1679
  #
1668
1680
  # @!attribute [rw] customer_managed_policy_reference
1669
1681
  # Specifies the name and path of a customer managed policy. You must
1670
- # have an IAM policy that matches the name and path in each AWS
1671
- # account where you want to deploy your permission set.
1682
+ # have an IAM policy that matches the name and path in each Amazon Web
1683
+ # Services account where you want to deploy your permission set.
1672
1684
  # @return [Types::CustomerManagedPolicyReference]
1673
1685
  #
1674
1686
  # @!attribute [rw] managed_policy_arn
1675
- # The AWS managed policy ARN that you want to attach to a permission
1676
- # set as a permissions boundary.
1687
+ # The Amazon Web Services managed policy ARN that you want to attach
1688
+ # to a permission set as a permissions boundary.
1677
1689
  # @return [String]
1678
1690
  #
1679
1691
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionsBoundary AWS API Documentation
@@ -1688,9 +1700,9 @@ module Aws::SSOAdmin
1688
1700
  # @!attribute [rw] instance_arn
1689
1701
  # The ARN of the IAM Identity Center instance under which the
1690
1702
  # operation will be executed. For more information about ARNs, see
1691
- # [Amazon Resource Names (ARNs) and AWS Service
1703
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1692
1704
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1693
- # *AWS General Reference*.
1705
+ # *Amazon Web Services General Reference*.
1694
1706
  # @return [String]
1695
1707
  #
1696
1708
  # @!attribute [rw] permission_set_arn
@@ -1698,8 +1710,8 @@ module Aws::SSOAdmin
1698
1710
  # @return [String]
1699
1711
  #
1700
1712
  # @!attribute [rw] target_id
1701
- # TargetID is an AWS account identifier, typically a 10-12 digit
1702
- # string (For example, 123456789012).
1713
+ # TargetID is an Amazon Web Services account identifier, (For example,
1714
+ # 123456789012).
1703
1715
  # @return [String]
1704
1716
  #
1705
1717
  # @!attribute [rw] target_type
@@ -1729,28 +1741,28 @@ module Aws::SSOAdmin
1729
1741
  include Aws::Structure
1730
1742
  end
1731
1743
 
1744
+ # @!attribute [rw] inline_policy
1745
+ # The inline policy to attach to a PermissionSet.
1746
+ # @return [String]
1747
+ #
1732
1748
  # @!attribute [rw] instance_arn
1733
1749
  # The ARN of the IAM Identity Center instance under which the
1734
1750
  # operation will be executed. For more information about ARNs, see
1735
- # [Amazon Resource Names (ARNs) and AWS Service
1751
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1736
1752
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1737
- # *AWS General Reference*.
1753
+ # *Amazon Web Services General Reference*.
1738
1754
  # @return [String]
1739
1755
  #
1740
1756
  # @!attribute [rw] permission_set_arn
1741
1757
  # The ARN of the permission set.
1742
1758
  # @return [String]
1743
1759
  #
1744
- # @!attribute [rw] inline_policy
1745
- # The inline policy to attach to a PermissionSet.
1746
- # @return [String]
1747
- #
1748
1760
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutInlinePolicyToPermissionSetRequest AWS API Documentation
1749
1761
  #
1750
1762
  class PutInlinePolicyToPermissionSetRequest < Struct.new(
1763
+ :inline_policy,
1751
1764
  :instance_arn,
1752
- :permission_set_arn,
1753
- :inline_policy)
1765
+ :permission_set_arn)
1754
1766
  SENSITIVE = []
1755
1767
  include Aws::Structure
1756
1768
  end
@@ -1816,7 +1828,8 @@ module Aws::SSOAdmin
1816
1828
 
1817
1829
  # A set of key-value pairs that are used to manage the resource. Tags
1818
1830
  # can only be applied to permission sets and cannot be applied to
1819
- # corresponding roles that IAM Identity Center creates in AWS accounts.
1831
+ # corresponding roles that IAM Identity Center creates in Amazon Web
1832
+ # Services accounts.
1820
1833
  #
1821
1834
  # @!attribute [rw] key
1822
1835
  # The key for the tag.
@@ -1838,9 +1851,9 @@ module Aws::SSOAdmin
1838
1851
  # @!attribute [rw] instance_arn
1839
1852
  # The ARN of the IAM Identity Center instance under which the
1840
1853
  # operation will be executed. For more information about ARNs, see
1841
- # [Amazon Resource Names (ARNs) and AWS Service
1854
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1842
1855
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1843
- # *AWS General Reference*.
1856
+ # *Amazon Web Services General Reference*.
1844
1857
  # @return [String]
1845
1858
  #
1846
1859
  # @!attribute [rw] resource_arn
@@ -1882,9 +1895,9 @@ module Aws::SSOAdmin
1882
1895
  # @!attribute [rw] instance_arn
1883
1896
  # The ARN of the IAM Identity Center instance under which the
1884
1897
  # operation will be executed. For more information about ARNs, see
1885
- # [Amazon Resource Names (ARNs) and AWS Service
1898
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1886
1899
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1887
- # *AWS General Reference*.
1900
+ # *Amazon Web Services General Reference*.
1888
1901
  # @return [String]
1889
1902
  #
1890
1903
  # @!attribute [rw] resource_arn
@@ -1909,20 +1922,20 @@ module Aws::SSOAdmin
1909
1922
  #
1910
1923
  class UntagResourceResponse < Aws::EmptyStructure; end
1911
1924
 
1925
+ # @!attribute [rw] instance_access_control_attribute_configuration
1926
+ # Updates the attributes for your ABAC configuration.
1927
+ # @return [Types::InstanceAccessControlAttributeConfiguration]
1928
+ #
1912
1929
  # @!attribute [rw] instance_arn
1913
1930
  # The ARN of the IAM Identity Center instance under which the
1914
1931
  # operation will be executed.
1915
1932
  # @return [String]
1916
1933
  #
1917
- # @!attribute [rw] instance_access_control_attribute_configuration
1918
- # Updates the attributes for your ABAC configuration.
1919
- # @return [Types::InstanceAccessControlAttributeConfiguration]
1920
- #
1921
1934
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdateInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
1922
1935
  #
1923
1936
  class UpdateInstanceAccessControlAttributeConfigurationRequest < Struct.new(
1924
- :instance_arn,
1925
- :instance_access_control_attribute_configuration)
1937
+ :instance_access_control_attribute_configuration,
1938
+ :instance_arn)
1926
1939
  SENSITIVE = []
1927
1940
  include Aws::Structure
1928
1941
  end
@@ -1931,20 +1944,25 @@ module Aws::SSOAdmin
1931
1944
  #
1932
1945
  class UpdateInstanceAccessControlAttributeConfigurationResponse < Aws::EmptyStructure; end
1933
1946
 
1947
+ # @!attribute [rw] description
1948
+ # The description of the PermissionSet.
1949
+ # @return [String]
1950
+ #
1934
1951
  # @!attribute [rw] instance_arn
1935
1952
  # The ARN of the IAM Identity Center instance under which the
1936
1953
  # operation will be executed. For more information about ARNs, see
1937
- # [Amazon Resource Names (ARNs) and AWS Service
1954
+ # [Amazon Resource Names (ARNs) and Amazon Web Services Service
1938
1955
  # Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
1939
- # *AWS General Reference*.
1956
+ # *Amazon Web Services General Reference*.
1940
1957
  # @return [String]
1941
1958
  #
1942
1959
  # @!attribute [rw] permission_set_arn
1943
1960
  # The ARN of the permission set.
1944
1961
  # @return [String]
1945
1962
  #
1946
- # @!attribute [rw] description
1947
- # The description of the PermissionSet.
1963
+ # @!attribute [rw] relay_state
1964
+ # Used to redirect users within the application during the federation
1965
+ # authentication process.
1948
1966
  # @return [String]
1949
1967
  #
1950
1968
  # @!attribute [rw] session_duration
@@ -1952,19 +1970,14 @@ module Aws::SSOAdmin
1952
1970
  # in the ISO-8601 standard.
1953
1971
  # @return [String]
1954
1972
  #
1955
- # @!attribute [rw] relay_state
1956
- # Used to redirect users within the application during the federation
1957
- # authentication process.
1958
- # @return [String]
1959
- #
1960
1973
  # @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdatePermissionSetRequest AWS API Documentation
1961
1974
  #
1962
1975
  class UpdatePermissionSetRequest < Struct.new(
1976
+ :description,
1963
1977
  :instance_arn,
1964
1978
  :permission_set_arn,
1965
- :description,
1966
- :session_duration,
1967
- :relay_state)
1979
+ :relay_state,
1980
+ :session_duration)
1968
1981
  SENSITIVE = []
1969
1982
  include Aws::Structure
1970
1983
  end