aws-sdk-ssoadmin 1.16.0 → 1.17.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-ssoadmin/client.rb +241 -15
- data/lib/aws-sdk-ssoadmin/client_api.rb +165 -6
- data/lib/aws-sdk-ssoadmin/types.rb +368 -18
- data/lib/aws-sdk-ssoadmin.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c915cef011351abba2ed5524b5fdf1f43a7a39d042724488f2c49d609cca1f82
|
|
4
|
+
data.tar.gz: 939d7ec566dcacc58dc5ae3fadfcd55d54d5f3aa3b4170ea1be612b1df23c7a3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1f5699026d95effb289e508815d8eefd3711e10647bcc85e2e9feb2fa901ca909fc62a30206da7ae88ee10e6bd2268f873ee969ca595d222e7a5c9046f709118
|
|
7
|
+
data.tar.gz: aa3e97796906e96c33ac31b04f2ea1bb0ae71745a6290ed9bd2bd32fc0d50e7aa8dcced2444fd2b506b5b1f3d1dd727fa349ca74546068c357a260513de75fce
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.17.0 (2022-07-18)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - AWS SSO now supports attaching customer managed policies and a permissions boundary to your permission sets. This release adds new API operations to manage and view the customer managed policies and the permissions boundary for a given permission set.
|
|
8
|
+
|
|
4
9
|
1.16.0 (2022-02-24)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.17.0
|
|
@@ -361,7 +361,45 @@ module Aws::SSOAdmin
|
|
|
361
361
|
|
|
362
362
|
# @!group API Operations
|
|
363
363
|
|
|
364
|
-
# Attaches
|
|
364
|
+
# Attaches the specified IAM customer managed policy to the specified
|
|
365
|
+
# PermissionSet.
|
|
366
|
+
#
|
|
367
|
+
# @option params [required, String] :instance_arn
|
|
368
|
+
# The ARN of the SSO instance under which the operation will be
|
|
369
|
+
# executed.
|
|
370
|
+
#
|
|
371
|
+
# @option params [required, String] :permission_set_arn
|
|
372
|
+
# The ARN of the `PermissionSet`.
|
|
373
|
+
#
|
|
374
|
+
# @option params [required, Types::CustomerManagedPolicyReference] :customer_managed_policy_reference
|
|
375
|
+
# Specifies the name and path of the IAM customer managed policy. You
|
|
376
|
+
# must have an IAM policy that matches the name and path in each Amazon
|
|
377
|
+
# Web Services account where you want to deploy your permission set.
|
|
378
|
+
#
|
|
379
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
380
|
+
#
|
|
381
|
+
# @example Request syntax with placeholder values
|
|
382
|
+
#
|
|
383
|
+
# resp = client.attach_customer_managed_policy_reference_to_permission_set({
|
|
384
|
+
# instance_arn: "InstanceArn", # required
|
|
385
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
386
|
+
# customer_managed_policy_reference: { # required
|
|
387
|
+
# name: "ManagedPolicyName", # required
|
|
388
|
+
# path: "ManagedPolicyPath",
|
|
389
|
+
# },
|
|
390
|
+
# })
|
|
391
|
+
#
|
|
392
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachCustomerManagedPolicyReferenceToPermissionSet AWS API Documentation
|
|
393
|
+
#
|
|
394
|
+
# @overload attach_customer_managed_policy_reference_to_permission_set(params = {})
|
|
395
|
+
# @param [Hash] params ({})
|
|
396
|
+
def attach_customer_managed_policy_reference_to_permission_set(params = {}, options = {})
|
|
397
|
+
req = build_request(:attach_customer_managed_policy_reference_to_permission_set, params)
|
|
398
|
+
req.send_request(options)
|
|
399
|
+
end
|
|
400
|
+
|
|
401
|
+
# Attaches an Amazon Web Services managed IAM policy ARN to a permission
|
|
402
|
+
# set.
|
|
365
403
|
#
|
|
366
404
|
# <note markdown="1"> If the permission set is already referenced by one or more account
|
|
367
405
|
# assignments, you will need to call ` ProvisionPermissionSet ` after
|
|
@@ -382,7 +420,8 @@ module Aws::SSOAdmin
|
|
|
382
420
|
# attached to.
|
|
383
421
|
#
|
|
384
422
|
# @option params [required, String] :managed_policy_arn
|
|
385
|
-
# The
|
|
423
|
+
# The Amazon Web Services managed policy ARN to be attached to a
|
|
424
|
+
# permission set.
|
|
386
425
|
#
|
|
387
426
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
388
427
|
#
|
|
@@ -579,8 +618,8 @@ module Aws::SSOAdmin
|
|
|
579
618
|
# relay_state: "RelayState",
|
|
580
619
|
# tags: [
|
|
581
620
|
# {
|
|
582
|
-
# key: "TagKey",
|
|
583
|
-
# value: "TagValue",
|
|
621
|
+
# key: "TagKey", # required
|
|
622
|
+
# value: "TagValue", # required
|
|
584
623
|
# },
|
|
585
624
|
# ],
|
|
586
625
|
# })
|
|
@@ -760,6 +799,33 @@ module Aws::SSOAdmin
|
|
|
760
799
|
req.send_request(options)
|
|
761
800
|
end
|
|
762
801
|
|
|
802
|
+
# Deletes the permissions boundary from a specified PermissionSet.
|
|
803
|
+
#
|
|
804
|
+
# @option params [required, String] :instance_arn
|
|
805
|
+
# The ARN of the SSO instance under which the operation will be
|
|
806
|
+
# executed.
|
|
807
|
+
#
|
|
808
|
+
# @option params [required, String] :permission_set_arn
|
|
809
|
+
# The ARN of the `PermissionSet`.
|
|
810
|
+
#
|
|
811
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
812
|
+
#
|
|
813
|
+
# @example Request syntax with placeholder values
|
|
814
|
+
#
|
|
815
|
+
# resp = client.delete_permissions_boundary_from_permission_set({
|
|
816
|
+
# instance_arn: "InstanceArn", # required
|
|
817
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
818
|
+
# })
|
|
819
|
+
#
|
|
820
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeletePermissionsBoundaryFromPermissionSet AWS API Documentation
|
|
821
|
+
#
|
|
822
|
+
# @overload delete_permissions_boundary_from_permission_set(params = {})
|
|
823
|
+
# @param [Hash] params ({})
|
|
824
|
+
def delete_permissions_boundary_from_permission_set(params = {}, options = {})
|
|
825
|
+
req = build_request(:delete_permissions_boundary_from_permission_set, params)
|
|
826
|
+
req.send_request(options)
|
|
827
|
+
end
|
|
828
|
+
|
|
763
829
|
# Describes the status of the assignment creation request.
|
|
764
830
|
#
|
|
765
831
|
# @option params [required, String] :instance_arn
|
|
@@ -974,8 +1040,45 @@ module Aws::SSOAdmin
|
|
|
974
1040
|
req.send_request(options)
|
|
975
1041
|
end
|
|
976
1042
|
|
|
977
|
-
# Detaches the
|
|
978
|
-
#
|
|
1043
|
+
# Detaches the specified IAM customer managed policy from the specified
|
|
1044
|
+
# PermissionSet.
|
|
1045
|
+
#
|
|
1046
|
+
# @option params [required, String] :instance_arn
|
|
1047
|
+
# The ARN of the SSO instance under which the operation will be
|
|
1048
|
+
# executed.
|
|
1049
|
+
#
|
|
1050
|
+
# @option params [required, String] :permission_set_arn
|
|
1051
|
+
# The ARN of the `PermissionSet`.
|
|
1052
|
+
#
|
|
1053
|
+
# @option params [required, Types::CustomerManagedPolicyReference] :customer_managed_policy_reference
|
|
1054
|
+
# Specifies the name and path of the IAM customer managed policy. You
|
|
1055
|
+
# must have an IAM policy that matches the name and path in each Amazon
|
|
1056
|
+
# Web Services account where you want to deploy your permission set.
|
|
1057
|
+
#
|
|
1058
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1059
|
+
#
|
|
1060
|
+
# @example Request syntax with placeholder values
|
|
1061
|
+
#
|
|
1062
|
+
# resp = client.detach_customer_managed_policy_reference_from_permission_set({
|
|
1063
|
+
# instance_arn: "InstanceArn", # required
|
|
1064
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
1065
|
+
# customer_managed_policy_reference: { # required
|
|
1066
|
+
# name: "ManagedPolicyName", # required
|
|
1067
|
+
# path: "ManagedPolicyPath",
|
|
1068
|
+
# },
|
|
1069
|
+
# })
|
|
1070
|
+
#
|
|
1071
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachCustomerManagedPolicyReferenceFromPermissionSet AWS API Documentation
|
|
1072
|
+
#
|
|
1073
|
+
# @overload detach_customer_managed_policy_reference_from_permission_set(params = {})
|
|
1074
|
+
# @param [Hash] params ({})
|
|
1075
|
+
def detach_customer_managed_policy_reference_from_permission_set(params = {}, options = {})
|
|
1076
|
+
req = build_request(:detach_customer_managed_policy_reference_from_permission_set, params)
|
|
1077
|
+
req.send_request(options)
|
|
1078
|
+
end
|
|
1079
|
+
|
|
1080
|
+
# Detaches the attached Amazon Web Services managed IAM policy ARN from
|
|
1081
|
+
# the specified permission set.
|
|
979
1082
|
#
|
|
980
1083
|
# @option params [required, String] :instance_arn
|
|
981
1084
|
# The ARN of the SSO instance under which the operation will be
|
|
@@ -988,7 +1091,8 @@ module Aws::SSOAdmin
|
|
|
988
1091
|
# The ARN of the PermissionSet from which the policy should be detached.
|
|
989
1092
|
#
|
|
990
1093
|
# @option params [required, String] :managed_policy_arn
|
|
991
|
-
# The
|
|
1094
|
+
# The Amazon Web Services managed policy ARN to be detached from a
|
|
1095
|
+
# permission set.
|
|
992
1096
|
#
|
|
993
1097
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
994
1098
|
#
|
|
@@ -1045,6 +1149,41 @@ module Aws::SSOAdmin
|
|
|
1045
1149
|
req.send_request(options)
|
|
1046
1150
|
end
|
|
1047
1151
|
|
|
1152
|
+
# Obtains the permissions boundary for a specified PermissionSet.
|
|
1153
|
+
#
|
|
1154
|
+
# @option params [required, String] :instance_arn
|
|
1155
|
+
# The ARN of the SSO instance under which the operation will be
|
|
1156
|
+
# executed.
|
|
1157
|
+
#
|
|
1158
|
+
# @option params [required, String] :permission_set_arn
|
|
1159
|
+
# The ARN of the `PermissionSet`.
|
|
1160
|
+
#
|
|
1161
|
+
# @return [Types::GetPermissionsBoundaryForPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1162
|
+
#
|
|
1163
|
+
# * {Types::GetPermissionsBoundaryForPermissionSetResponse#permissions_boundary #permissions_boundary} => Types::PermissionsBoundary
|
|
1164
|
+
#
|
|
1165
|
+
# @example Request syntax with placeholder values
|
|
1166
|
+
#
|
|
1167
|
+
# resp = client.get_permissions_boundary_for_permission_set({
|
|
1168
|
+
# instance_arn: "InstanceArn", # required
|
|
1169
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
1170
|
+
# })
|
|
1171
|
+
#
|
|
1172
|
+
# @example Response structure
|
|
1173
|
+
#
|
|
1174
|
+
# resp.permissions_boundary.customer_managed_policy_reference.name #=> String
|
|
1175
|
+
# resp.permissions_boundary.customer_managed_policy_reference.path #=> String
|
|
1176
|
+
# resp.permissions_boundary.managed_policy_arn #=> String
|
|
1177
|
+
#
|
|
1178
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/GetPermissionsBoundaryForPermissionSet AWS API Documentation
|
|
1179
|
+
#
|
|
1180
|
+
# @overload get_permissions_boundary_for_permission_set(params = {})
|
|
1181
|
+
# @param [Hash] params ({})
|
|
1182
|
+
def get_permissions_boundary_for_permission_set(params = {}, options = {})
|
|
1183
|
+
req = build_request(:get_permissions_boundary_for_permission_set, params)
|
|
1184
|
+
req.send_request(options)
|
|
1185
|
+
end
|
|
1186
|
+
|
|
1048
1187
|
# Lists the status of the Amazon Web Services account assignment
|
|
1049
1188
|
# creation requests for a specified SSO instance.
|
|
1050
1189
|
#
|
|
@@ -1271,6 +1410,55 @@ module Aws::SSOAdmin
|
|
|
1271
1410
|
req.send_request(options)
|
|
1272
1411
|
end
|
|
1273
1412
|
|
|
1413
|
+
# Lists all IAM customer managed policies attached to a specified
|
|
1414
|
+
# PermissionSet.
|
|
1415
|
+
#
|
|
1416
|
+
# @option params [required, String] :instance_arn
|
|
1417
|
+
# The ARN of the SSO instance under which the operation will be
|
|
1418
|
+
# executed.
|
|
1419
|
+
#
|
|
1420
|
+
# @option params [required, String] :permission_set_arn
|
|
1421
|
+
# The ARN of the `PermissionSet`.
|
|
1422
|
+
#
|
|
1423
|
+
# @option params [Integer] :max_results
|
|
1424
|
+
# The maximum number of results to display for the list call.
|
|
1425
|
+
#
|
|
1426
|
+
# @option params [String] :next_token
|
|
1427
|
+
# The pagination token for the list API. Initially the value is null.
|
|
1428
|
+
# Use the output of previous API calls to make subsequent calls.
|
|
1429
|
+
#
|
|
1430
|
+
# @return [Types::ListCustomerManagedPolicyReferencesInPermissionSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1431
|
+
#
|
|
1432
|
+
# * {Types::ListCustomerManagedPolicyReferencesInPermissionSetResponse#customer_managed_policy_references #customer_managed_policy_references} => Array<Types::CustomerManagedPolicyReference>
|
|
1433
|
+
# * {Types::ListCustomerManagedPolicyReferencesInPermissionSetResponse#next_token #next_token} => String
|
|
1434
|
+
#
|
|
1435
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1436
|
+
#
|
|
1437
|
+
# @example Request syntax with placeholder values
|
|
1438
|
+
#
|
|
1439
|
+
# resp = client.list_customer_managed_policy_references_in_permission_set({
|
|
1440
|
+
# instance_arn: "InstanceArn", # required
|
|
1441
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
1442
|
+
# max_results: 1,
|
|
1443
|
+
# next_token: "Token",
|
|
1444
|
+
# })
|
|
1445
|
+
#
|
|
1446
|
+
# @example Response structure
|
|
1447
|
+
#
|
|
1448
|
+
# resp.customer_managed_policy_references #=> Array
|
|
1449
|
+
# resp.customer_managed_policy_references[0].name #=> String
|
|
1450
|
+
# resp.customer_managed_policy_references[0].path #=> String
|
|
1451
|
+
# resp.next_token #=> String
|
|
1452
|
+
#
|
|
1453
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListCustomerManagedPolicyReferencesInPermissionSet AWS API Documentation
|
|
1454
|
+
#
|
|
1455
|
+
# @overload list_customer_managed_policy_references_in_permission_set(params = {})
|
|
1456
|
+
# @param [Hash] params ({})
|
|
1457
|
+
def list_customer_managed_policy_references_in_permission_set(params = {}, options = {})
|
|
1458
|
+
req = build_request(:list_customer_managed_policy_references_in_permission_set, params)
|
|
1459
|
+
req.send_request(options)
|
|
1460
|
+
end
|
|
1461
|
+
|
|
1274
1462
|
# Lists the SSO instances that the caller has access to.
|
|
1275
1463
|
#
|
|
1276
1464
|
# @option params [Integer] :max_results
|
|
@@ -1310,8 +1498,8 @@ module Aws::SSOAdmin
|
|
|
1310
1498
|
req.send_request(options)
|
|
1311
1499
|
end
|
|
1312
1500
|
|
|
1313
|
-
# Lists the
|
|
1314
|
-
# permission set.
|
|
1501
|
+
# Lists the Amazon Web Services managed IAM policy that is attached to a
|
|
1502
|
+
# specified permission set.
|
|
1315
1503
|
#
|
|
1316
1504
|
# @option params [required, String] :instance_arn
|
|
1317
1505
|
# The ARN of the SSO instance under which the operation will be
|
|
@@ -1546,7 +1734,7 @@ module Aws::SSOAdmin
|
|
|
1546
1734
|
#
|
|
1547
1735
|
# resp = client.list_tags_for_resource({
|
|
1548
1736
|
# instance_arn: "InstanceArn", # required
|
|
1549
|
-
# resource_arn: "
|
|
1737
|
+
# resource_arn: "TaggableResourceArn", # required
|
|
1550
1738
|
# next_token: "Token",
|
|
1551
1739
|
# })
|
|
1552
1740
|
#
|
|
@@ -1658,6 +1846,44 @@ module Aws::SSOAdmin
|
|
|
1658
1846
|
req.send_request(options)
|
|
1659
1847
|
end
|
|
1660
1848
|
|
|
1849
|
+
# Attaches an Amazon Web Services managed or customer managed IAM policy
|
|
1850
|
+
# to the specified PermissionSet as a permissions boundary.
|
|
1851
|
+
#
|
|
1852
|
+
# @option params [required, String] :instance_arn
|
|
1853
|
+
# The ARN of the SSO instance under which the operation will be
|
|
1854
|
+
# executed.
|
|
1855
|
+
#
|
|
1856
|
+
# @option params [required, String] :permission_set_arn
|
|
1857
|
+
# The ARN of the `PermissionSet`.
|
|
1858
|
+
#
|
|
1859
|
+
# @option params [required, Types::PermissionsBoundary] :permissions_boundary
|
|
1860
|
+
# The permissions boundary that you want to attach to a `PermissionSet`.
|
|
1861
|
+
#
|
|
1862
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1863
|
+
#
|
|
1864
|
+
# @example Request syntax with placeholder values
|
|
1865
|
+
#
|
|
1866
|
+
# resp = client.put_permissions_boundary_to_permission_set({
|
|
1867
|
+
# instance_arn: "InstanceArn", # required
|
|
1868
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
1869
|
+
# permissions_boundary: { # required
|
|
1870
|
+
# customer_managed_policy_reference: {
|
|
1871
|
+
# name: "ManagedPolicyName", # required
|
|
1872
|
+
# path: "ManagedPolicyPath",
|
|
1873
|
+
# },
|
|
1874
|
+
# managed_policy_arn: "ManagedPolicyArn",
|
|
1875
|
+
# },
|
|
1876
|
+
# })
|
|
1877
|
+
#
|
|
1878
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutPermissionsBoundaryToPermissionSet AWS API Documentation
|
|
1879
|
+
#
|
|
1880
|
+
# @overload put_permissions_boundary_to_permission_set(params = {})
|
|
1881
|
+
# @param [Hash] params ({})
|
|
1882
|
+
def put_permissions_boundary_to_permission_set(params = {}, options = {})
|
|
1883
|
+
req = build_request(:put_permissions_boundary_to_permission_set, params)
|
|
1884
|
+
req.send_request(options)
|
|
1885
|
+
end
|
|
1886
|
+
|
|
1661
1887
|
# Associates a set of tags with a specified resource.
|
|
1662
1888
|
#
|
|
1663
1889
|
# @option params [required, String] :instance_arn
|
|
@@ -1679,11 +1905,11 @@ module Aws::SSOAdmin
|
|
|
1679
1905
|
#
|
|
1680
1906
|
# resp = client.tag_resource({
|
|
1681
1907
|
# instance_arn: "InstanceArn", # required
|
|
1682
|
-
# resource_arn: "
|
|
1908
|
+
# resource_arn: "TaggableResourceArn", # required
|
|
1683
1909
|
# tags: [ # required
|
|
1684
1910
|
# {
|
|
1685
|
-
# key: "TagKey",
|
|
1686
|
-
# value: "TagValue",
|
|
1911
|
+
# key: "TagKey", # required
|
|
1912
|
+
# value: "TagValue", # required
|
|
1687
1913
|
# },
|
|
1688
1914
|
# ],
|
|
1689
1915
|
# })
|
|
@@ -1718,7 +1944,7 @@ module Aws::SSOAdmin
|
|
|
1718
1944
|
#
|
|
1719
1945
|
# resp = client.untag_resource({
|
|
1720
1946
|
# instance_arn: "InstanceArn", # required
|
|
1721
|
-
# resource_arn: "
|
|
1947
|
+
# resource_arn: "TaggableResourceArn", # required
|
|
1722
1948
|
# tag_keys: ["TagKey"], # required
|
|
1723
1949
|
# })
|
|
1724
1950
|
#
|
|
@@ -1834,7 +2060,7 @@ module Aws::SSOAdmin
|
|
|
1834
2060
|
params: params,
|
|
1835
2061
|
config: config)
|
|
1836
2062
|
context[:gem_name] = 'aws-sdk-ssoadmin'
|
|
1837
|
-
context[:gem_version] = '1.
|
|
2063
|
+
context[:gem_version] = '1.17.0'
|
|
1838
2064
|
Seahorse::Client::Request.new(handlers, context)
|
|
1839
2065
|
end
|
|
1840
2066
|
|
|
@@ -28,6 +28,8 @@ module Aws::SSOAdmin
|
|
|
28
28
|
AccountAssignmentOperationStatusMetadata = Shapes::StructureShape.new(name: 'AccountAssignmentOperationStatusMetadata')
|
|
29
29
|
AccountId = Shapes::StringShape.new(name: 'AccountId')
|
|
30
30
|
AccountList = Shapes::ListShape.new(name: 'AccountList')
|
|
31
|
+
AttachCustomerManagedPolicyReferenceToPermissionSetRequest = Shapes::StructureShape.new(name: 'AttachCustomerManagedPolicyReferenceToPermissionSetRequest')
|
|
32
|
+
AttachCustomerManagedPolicyReferenceToPermissionSetResponse = Shapes::StructureShape.new(name: 'AttachCustomerManagedPolicyReferenceToPermissionSetResponse')
|
|
31
33
|
AttachManagedPolicyToPermissionSetRequest = Shapes::StructureShape.new(name: 'AttachManagedPolicyToPermissionSetRequest')
|
|
32
34
|
AttachManagedPolicyToPermissionSetResponse = Shapes::StructureShape.new(name: 'AttachManagedPolicyToPermissionSetResponse')
|
|
33
35
|
AttachedManagedPolicy = Shapes::StructureShape.new(name: 'AttachedManagedPolicy')
|
|
@@ -40,6 +42,8 @@ module Aws::SSOAdmin
|
|
|
40
42
|
CreateInstanceAccessControlAttributeConfigurationResponse = Shapes::StructureShape.new(name: 'CreateInstanceAccessControlAttributeConfigurationResponse')
|
|
41
43
|
CreatePermissionSetRequest = Shapes::StructureShape.new(name: 'CreatePermissionSetRequest')
|
|
42
44
|
CreatePermissionSetResponse = Shapes::StructureShape.new(name: 'CreatePermissionSetResponse')
|
|
45
|
+
CustomerManagedPolicyReference = Shapes::StructureShape.new(name: 'CustomerManagedPolicyReference')
|
|
46
|
+
CustomerManagedPolicyReferenceList = Shapes::ListShape.new(name: 'CustomerManagedPolicyReferenceList')
|
|
43
47
|
Date = Shapes::TimestampShape.new(name: 'Date')
|
|
44
48
|
DeleteAccountAssignmentRequest = Shapes::StructureShape.new(name: 'DeleteAccountAssignmentRequest')
|
|
45
49
|
DeleteAccountAssignmentResponse = Shapes::StructureShape.new(name: 'DeleteAccountAssignmentResponse')
|
|
@@ -49,6 +53,8 @@ module Aws::SSOAdmin
|
|
|
49
53
|
DeleteInstanceAccessControlAttributeConfigurationResponse = Shapes::StructureShape.new(name: 'DeleteInstanceAccessControlAttributeConfigurationResponse')
|
|
50
54
|
DeletePermissionSetRequest = Shapes::StructureShape.new(name: 'DeletePermissionSetRequest')
|
|
51
55
|
DeletePermissionSetResponse = Shapes::StructureShape.new(name: 'DeletePermissionSetResponse')
|
|
56
|
+
DeletePermissionsBoundaryFromPermissionSetRequest = Shapes::StructureShape.new(name: 'DeletePermissionsBoundaryFromPermissionSetRequest')
|
|
57
|
+
DeletePermissionsBoundaryFromPermissionSetResponse = Shapes::StructureShape.new(name: 'DeletePermissionsBoundaryFromPermissionSetResponse')
|
|
52
58
|
DescribeAccountAssignmentCreationStatusRequest = Shapes::StructureShape.new(name: 'DescribeAccountAssignmentCreationStatusRequest')
|
|
53
59
|
DescribeAccountAssignmentCreationStatusResponse = Shapes::StructureShape.new(name: 'DescribeAccountAssignmentCreationStatusResponse')
|
|
54
60
|
DescribeAccountAssignmentDeletionStatusRequest = Shapes::StructureShape.new(name: 'DescribeAccountAssignmentDeletionStatusRequest')
|
|
@@ -59,12 +65,15 @@ module Aws::SSOAdmin
|
|
|
59
65
|
DescribePermissionSetProvisioningStatusResponse = Shapes::StructureShape.new(name: 'DescribePermissionSetProvisioningStatusResponse')
|
|
60
66
|
DescribePermissionSetRequest = Shapes::StructureShape.new(name: 'DescribePermissionSetRequest')
|
|
61
67
|
DescribePermissionSetResponse = Shapes::StructureShape.new(name: 'DescribePermissionSetResponse')
|
|
68
|
+
DetachCustomerManagedPolicyReferenceFromPermissionSetRequest = Shapes::StructureShape.new(name: 'DetachCustomerManagedPolicyReferenceFromPermissionSetRequest')
|
|
69
|
+
DetachCustomerManagedPolicyReferenceFromPermissionSetResponse = Shapes::StructureShape.new(name: 'DetachCustomerManagedPolicyReferenceFromPermissionSetResponse')
|
|
62
70
|
DetachManagedPolicyFromPermissionSetRequest = Shapes::StructureShape.new(name: 'DetachManagedPolicyFromPermissionSetRequest')
|
|
63
71
|
DetachManagedPolicyFromPermissionSetResponse = Shapes::StructureShape.new(name: 'DetachManagedPolicyFromPermissionSetResponse')
|
|
64
72
|
Duration = Shapes::StringShape.new(name: 'Duration')
|
|
65
|
-
GeneralArn = Shapes::StringShape.new(name: 'GeneralArn')
|
|
66
73
|
GetInlinePolicyForPermissionSetRequest = Shapes::StructureShape.new(name: 'GetInlinePolicyForPermissionSetRequest')
|
|
67
74
|
GetInlinePolicyForPermissionSetResponse = Shapes::StructureShape.new(name: 'GetInlinePolicyForPermissionSetResponse')
|
|
75
|
+
GetPermissionsBoundaryForPermissionSetRequest = Shapes::StructureShape.new(name: 'GetPermissionsBoundaryForPermissionSetRequest')
|
|
76
|
+
GetPermissionsBoundaryForPermissionSetResponse = Shapes::StructureShape.new(name: 'GetPermissionsBoundaryForPermissionSetResponse')
|
|
68
77
|
Id = Shapes::StringShape.new(name: 'Id')
|
|
69
78
|
InstanceAccessControlAttributeConfiguration = Shapes::StructureShape.new(name: 'InstanceAccessControlAttributeConfiguration')
|
|
70
79
|
InstanceAccessControlAttributeConfigurationStatus = Shapes::StringShape.new(name: 'InstanceAccessControlAttributeConfigurationStatus')
|
|
@@ -82,6 +91,8 @@ module Aws::SSOAdmin
|
|
|
82
91
|
ListAccountAssignmentsResponse = Shapes::StructureShape.new(name: 'ListAccountAssignmentsResponse')
|
|
83
92
|
ListAccountsForProvisionedPermissionSetRequest = Shapes::StructureShape.new(name: 'ListAccountsForProvisionedPermissionSetRequest')
|
|
84
93
|
ListAccountsForProvisionedPermissionSetResponse = Shapes::StructureShape.new(name: 'ListAccountsForProvisionedPermissionSetResponse')
|
|
94
|
+
ListCustomerManagedPolicyReferencesInPermissionSetRequest = Shapes::StructureShape.new(name: 'ListCustomerManagedPolicyReferencesInPermissionSetRequest')
|
|
95
|
+
ListCustomerManagedPolicyReferencesInPermissionSetResponse = Shapes::StructureShape.new(name: 'ListCustomerManagedPolicyReferencesInPermissionSetResponse')
|
|
85
96
|
ListInstancesRequest = Shapes::StructureShape.new(name: 'ListInstancesRequest')
|
|
86
97
|
ListInstancesResponse = Shapes::StructureShape.new(name: 'ListInstancesResponse')
|
|
87
98
|
ListManagedPoliciesInPermissionSetRequest = Shapes::StructureShape.new(name: 'ListManagedPoliciesInPermissionSetRequest')
|
|
@@ -95,6 +106,8 @@ module Aws::SSOAdmin
|
|
|
95
106
|
ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest')
|
|
96
107
|
ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse')
|
|
97
108
|
ManagedPolicyArn = Shapes::StringShape.new(name: 'ManagedPolicyArn')
|
|
109
|
+
ManagedPolicyName = Shapes::StringShape.new(name: 'ManagedPolicyName')
|
|
110
|
+
ManagedPolicyPath = Shapes::StringShape.new(name: 'ManagedPolicyPath')
|
|
98
111
|
MaxResults = Shapes::IntegerShape.new(name: 'MaxResults')
|
|
99
112
|
Name = Shapes::StringShape.new(name: 'Name')
|
|
100
113
|
OperationStatusFilter = Shapes::StructureShape.new(name: 'OperationStatusFilter')
|
|
@@ -107,6 +120,7 @@ module Aws::SSOAdmin
|
|
|
107
120
|
PermissionSetProvisioningStatus = Shapes::StructureShape.new(name: 'PermissionSetProvisioningStatus')
|
|
108
121
|
PermissionSetProvisioningStatusList = Shapes::ListShape.new(name: 'PermissionSetProvisioningStatusList')
|
|
109
122
|
PermissionSetProvisioningStatusMetadata = Shapes::StructureShape.new(name: 'PermissionSetProvisioningStatusMetadata')
|
|
123
|
+
PermissionsBoundary = Shapes::StructureShape.new(name: 'PermissionsBoundary')
|
|
110
124
|
PrincipalId = Shapes::StringShape.new(name: 'PrincipalId')
|
|
111
125
|
PrincipalType = Shapes::StringShape.new(name: 'PrincipalType')
|
|
112
126
|
ProvisionPermissionSetRequest = Shapes::StructureShape.new(name: 'ProvisionPermissionSetRequest')
|
|
@@ -115,6 +129,8 @@ module Aws::SSOAdmin
|
|
|
115
129
|
ProvisioningStatus = Shapes::StringShape.new(name: 'ProvisioningStatus')
|
|
116
130
|
PutInlinePolicyToPermissionSetRequest = Shapes::StructureShape.new(name: 'PutInlinePolicyToPermissionSetRequest')
|
|
117
131
|
PutInlinePolicyToPermissionSetResponse = Shapes::StructureShape.new(name: 'PutInlinePolicyToPermissionSetResponse')
|
|
132
|
+
PutPermissionsBoundaryToPermissionSetRequest = Shapes::StructureShape.new(name: 'PutPermissionsBoundaryToPermissionSetRequest')
|
|
133
|
+
PutPermissionsBoundaryToPermissionSetResponse = Shapes::StructureShape.new(name: 'PutPermissionsBoundaryToPermissionSetResponse')
|
|
118
134
|
Reason = Shapes::StringShape.new(name: 'Reason')
|
|
119
135
|
RelayState = Shapes::StringShape.new(name: 'RelayState')
|
|
120
136
|
ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
|
|
@@ -129,6 +145,7 @@ module Aws::SSOAdmin
|
|
|
129
145
|
TagResourceRequest = Shapes::StructureShape.new(name: 'TagResourceRequest')
|
|
130
146
|
TagResourceResponse = Shapes::StructureShape.new(name: 'TagResourceResponse')
|
|
131
147
|
TagValue = Shapes::StringShape.new(name: 'TagValue')
|
|
148
|
+
TaggableResourceArn = Shapes::StringShape.new(name: 'TaggableResourceArn')
|
|
132
149
|
TargetId = Shapes::StringShape.new(name: 'TargetId')
|
|
133
150
|
TargetType = Shapes::StringShape.new(name: 'TargetType')
|
|
134
151
|
ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
|
|
@@ -186,6 +203,13 @@ module Aws::SSOAdmin
|
|
|
186
203
|
|
|
187
204
|
AccountList.member = Shapes::ShapeRef.new(shape: AccountId)
|
|
188
205
|
|
|
206
|
+
AttachCustomerManagedPolicyReferenceToPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
207
|
+
AttachCustomerManagedPolicyReferenceToPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
208
|
+
AttachCustomerManagedPolicyReferenceToPermissionSetRequest.add_member(:customer_managed_policy_reference, Shapes::ShapeRef.new(shape: CustomerManagedPolicyReference, required: true, location_name: "CustomerManagedPolicyReference"))
|
|
209
|
+
AttachCustomerManagedPolicyReferenceToPermissionSetRequest.struct_class = Types::AttachCustomerManagedPolicyReferenceToPermissionSetRequest
|
|
210
|
+
|
|
211
|
+
AttachCustomerManagedPolicyReferenceToPermissionSetResponse.struct_class = Types::AttachCustomerManagedPolicyReferenceToPermissionSetResponse
|
|
212
|
+
|
|
189
213
|
AttachManagedPolicyToPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
190
214
|
AttachManagedPolicyToPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
191
215
|
AttachManagedPolicyToPermissionSetRequest.add_member(:managed_policy_arn, Shapes::ShapeRef.new(shape: ManagedPolicyArn, required: true, location_name: "ManagedPolicyArn"))
|
|
@@ -230,6 +254,12 @@ module Aws::SSOAdmin
|
|
|
230
254
|
CreatePermissionSetResponse.add_member(:permission_set, Shapes::ShapeRef.new(shape: PermissionSet, location_name: "PermissionSet"))
|
|
231
255
|
CreatePermissionSetResponse.struct_class = Types::CreatePermissionSetResponse
|
|
232
256
|
|
|
257
|
+
CustomerManagedPolicyReference.add_member(:name, Shapes::ShapeRef.new(shape: ManagedPolicyName, required: true, location_name: "Name"))
|
|
258
|
+
CustomerManagedPolicyReference.add_member(:path, Shapes::ShapeRef.new(shape: ManagedPolicyPath, location_name: "Path"))
|
|
259
|
+
CustomerManagedPolicyReference.struct_class = Types::CustomerManagedPolicyReference
|
|
260
|
+
|
|
261
|
+
CustomerManagedPolicyReferenceList.member = Shapes::ShapeRef.new(shape: CustomerManagedPolicyReference)
|
|
262
|
+
|
|
233
263
|
DeleteAccountAssignmentRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
234
264
|
DeleteAccountAssignmentRequest.add_member(:target_id, Shapes::ShapeRef.new(shape: TargetId, required: true, location_name: "TargetId"))
|
|
235
265
|
DeleteAccountAssignmentRequest.add_member(:target_type, Shapes::ShapeRef.new(shape: TargetType, required: true, location_name: "TargetType"))
|
|
@@ -258,6 +288,12 @@ module Aws::SSOAdmin
|
|
|
258
288
|
|
|
259
289
|
DeletePermissionSetResponse.struct_class = Types::DeletePermissionSetResponse
|
|
260
290
|
|
|
291
|
+
DeletePermissionsBoundaryFromPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
292
|
+
DeletePermissionsBoundaryFromPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
293
|
+
DeletePermissionsBoundaryFromPermissionSetRequest.struct_class = Types::DeletePermissionsBoundaryFromPermissionSetRequest
|
|
294
|
+
|
|
295
|
+
DeletePermissionsBoundaryFromPermissionSetResponse.struct_class = Types::DeletePermissionsBoundaryFromPermissionSetResponse
|
|
296
|
+
|
|
261
297
|
DescribeAccountAssignmentCreationStatusRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
262
298
|
DescribeAccountAssignmentCreationStatusRequest.add_member(:account_assignment_creation_request_id, Shapes::ShapeRef.new(shape: UUId, required: true, location_name: "AccountAssignmentCreationRequestId"))
|
|
263
299
|
DescribeAccountAssignmentCreationStatusRequest.struct_class = Types::DescribeAccountAssignmentCreationStatusRequest
|
|
@@ -294,6 +330,13 @@ module Aws::SSOAdmin
|
|
|
294
330
|
DescribePermissionSetResponse.add_member(:permission_set, Shapes::ShapeRef.new(shape: PermissionSet, location_name: "PermissionSet"))
|
|
295
331
|
DescribePermissionSetResponse.struct_class = Types::DescribePermissionSetResponse
|
|
296
332
|
|
|
333
|
+
DetachCustomerManagedPolicyReferenceFromPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
334
|
+
DetachCustomerManagedPolicyReferenceFromPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
335
|
+
DetachCustomerManagedPolicyReferenceFromPermissionSetRequest.add_member(:customer_managed_policy_reference, Shapes::ShapeRef.new(shape: CustomerManagedPolicyReference, required: true, location_name: "CustomerManagedPolicyReference"))
|
|
336
|
+
DetachCustomerManagedPolicyReferenceFromPermissionSetRequest.struct_class = Types::DetachCustomerManagedPolicyReferenceFromPermissionSetRequest
|
|
337
|
+
|
|
338
|
+
DetachCustomerManagedPolicyReferenceFromPermissionSetResponse.struct_class = Types::DetachCustomerManagedPolicyReferenceFromPermissionSetResponse
|
|
339
|
+
|
|
297
340
|
DetachManagedPolicyFromPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
298
341
|
DetachManagedPolicyFromPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
299
342
|
DetachManagedPolicyFromPermissionSetRequest.add_member(:managed_policy_arn, Shapes::ShapeRef.new(shape: ManagedPolicyArn, required: true, location_name: "ManagedPolicyArn"))
|
|
@@ -308,6 +351,13 @@ module Aws::SSOAdmin
|
|
|
308
351
|
GetInlinePolicyForPermissionSetResponse.add_member(:inline_policy, Shapes::ShapeRef.new(shape: PermissionSetPolicyDocument, location_name: "InlinePolicy"))
|
|
309
352
|
GetInlinePolicyForPermissionSetResponse.struct_class = Types::GetInlinePolicyForPermissionSetResponse
|
|
310
353
|
|
|
354
|
+
GetPermissionsBoundaryForPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
355
|
+
GetPermissionsBoundaryForPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
356
|
+
GetPermissionsBoundaryForPermissionSetRequest.struct_class = Types::GetPermissionsBoundaryForPermissionSetRequest
|
|
357
|
+
|
|
358
|
+
GetPermissionsBoundaryForPermissionSetResponse.add_member(:permissions_boundary, Shapes::ShapeRef.new(shape: PermissionsBoundary, location_name: "PermissionsBoundary"))
|
|
359
|
+
GetPermissionsBoundaryForPermissionSetResponse.struct_class = Types::GetPermissionsBoundaryForPermissionSetResponse
|
|
360
|
+
|
|
311
361
|
InstanceAccessControlAttributeConfiguration.add_member(:access_control_attributes, Shapes::ShapeRef.new(shape: AccessControlAttributeList, required: true, location_name: "AccessControlAttributes"))
|
|
312
362
|
InstanceAccessControlAttributeConfiguration.struct_class = Types::InstanceAccessControlAttributeConfiguration
|
|
313
363
|
|
|
@@ -362,6 +412,16 @@ module Aws::SSOAdmin
|
|
|
362
412
|
ListAccountsForProvisionedPermissionSetResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "NextToken"))
|
|
363
413
|
ListAccountsForProvisionedPermissionSetResponse.struct_class = Types::ListAccountsForProvisionedPermissionSetResponse
|
|
364
414
|
|
|
415
|
+
ListCustomerManagedPolicyReferencesInPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
416
|
+
ListCustomerManagedPolicyReferencesInPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
417
|
+
ListCustomerManagedPolicyReferencesInPermissionSetRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
|
|
418
|
+
ListCustomerManagedPolicyReferencesInPermissionSetRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "NextToken"))
|
|
419
|
+
ListCustomerManagedPolicyReferencesInPermissionSetRequest.struct_class = Types::ListCustomerManagedPolicyReferencesInPermissionSetRequest
|
|
420
|
+
|
|
421
|
+
ListCustomerManagedPolicyReferencesInPermissionSetResponse.add_member(:customer_managed_policy_references, Shapes::ShapeRef.new(shape: CustomerManagedPolicyReferenceList, location_name: "CustomerManagedPolicyReferences"))
|
|
422
|
+
ListCustomerManagedPolicyReferencesInPermissionSetResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "NextToken"))
|
|
423
|
+
ListCustomerManagedPolicyReferencesInPermissionSetResponse.struct_class = Types::ListCustomerManagedPolicyReferencesInPermissionSetResponse
|
|
424
|
+
|
|
365
425
|
ListInstancesRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
|
|
366
426
|
ListInstancesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "NextToken"))
|
|
367
427
|
ListInstancesRequest.struct_class = Types::ListInstancesRequest
|
|
@@ -411,7 +471,7 @@ module Aws::SSOAdmin
|
|
|
411
471
|
ListPermissionSetsResponse.struct_class = Types::ListPermissionSetsResponse
|
|
412
472
|
|
|
413
473
|
ListTagsForResourceRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
414
|
-
ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape:
|
|
474
|
+
ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: TaggableResourceArn, required: true, location_name: "ResourceArn"))
|
|
415
475
|
ListTagsForResourceRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "NextToken"))
|
|
416
476
|
ListTagsForResourceRequest.struct_class = Types::ListTagsForResourceRequest
|
|
417
477
|
|
|
@@ -447,6 +507,10 @@ module Aws::SSOAdmin
|
|
|
447
507
|
PermissionSetProvisioningStatusMetadata.add_member(:created_date, Shapes::ShapeRef.new(shape: Date, location_name: "CreatedDate"))
|
|
448
508
|
PermissionSetProvisioningStatusMetadata.struct_class = Types::PermissionSetProvisioningStatusMetadata
|
|
449
509
|
|
|
510
|
+
PermissionsBoundary.add_member(:customer_managed_policy_reference, Shapes::ShapeRef.new(shape: CustomerManagedPolicyReference, location_name: "CustomerManagedPolicyReference"))
|
|
511
|
+
PermissionsBoundary.add_member(:managed_policy_arn, Shapes::ShapeRef.new(shape: ManagedPolicyArn, location_name: "ManagedPolicyArn"))
|
|
512
|
+
PermissionsBoundary.struct_class = Types::PermissionsBoundary
|
|
513
|
+
|
|
450
514
|
ProvisionPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
451
515
|
ProvisionPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
452
516
|
ProvisionPermissionSetRequest.add_member(:target_id, Shapes::ShapeRef.new(shape: TargetId, location_name: "TargetId"))
|
|
@@ -463,14 +527,21 @@ module Aws::SSOAdmin
|
|
|
463
527
|
|
|
464
528
|
PutInlinePolicyToPermissionSetResponse.struct_class = Types::PutInlinePolicyToPermissionSetResponse
|
|
465
529
|
|
|
530
|
+
PutPermissionsBoundaryToPermissionSetRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
531
|
+
PutPermissionsBoundaryToPermissionSetRequest.add_member(:permission_set_arn, Shapes::ShapeRef.new(shape: PermissionSetArn, required: true, location_name: "PermissionSetArn"))
|
|
532
|
+
PutPermissionsBoundaryToPermissionSetRequest.add_member(:permissions_boundary, Shapes::ShapeRef.new(shape: PermissionsBoundary, required: true, location_name: "PermissionsBoundary"))
|
|
533
|
+
PutPermissionsBoundaryToPermissionSetRequest.struct_class = Types::PutPermissionsBoundaryToPermissionSetRequest
|
|
534
|
+
|
|
535
|
+
PutPermissionsBoundaryToPermissionSetResponse.struct_class = Types::PutPermissionsBoundaryToPermissionSetResponse
|
|
536
|
+
|
|
466
537
|
ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: ResourceNotFoundMessage, location_name: "Message"))
|
|
467
538
|
ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
|
|
468
539
|
|
|
469
540
|
ServiceQuotaExceededException.add_member(:message, Shapes::ShapeRef.new(shape: ServiceQuotaExceededMessage, location_name: "Message"))
|
|
470
541
|
ServiceQuotaExceededException.struct_class = Types::ServiceQuotaExceededException
|
|
471
542
|
|
|
472
|
-
Tag.add_member(:key, Shapes::ShapeRef.new(shape: TagKey, location_name: "Key"))
|
|
473
|
-
Tag.add_member(:value, Shapes::ShapeRef.new(shape: TagValue, location_name: "Value"))
|
|
543
|
+
Tag.add_member(:key, Shapes::ShapeRef.new(shape: TagKey, required: true, location_name: "Key"))
|
|
544
|
+
Tag.add_member(:value, Shapes::ShapeRef.new(shape: TagValue, required: true, location_name: "Value"))
|
|
474
545
|
Tag.struct_class = Types::Tag
|
|
475
546
|
|
|
476
547
|
TagKeyList.member = Shapes::ShapeRef.new(shape: TagKey)
|
|
@@ -478,7 +549,7 @@ module Aws::SSOAdmin
|
|
|
478
549
|
TagList.member = Shapes::ShapeRef.new(shape: Tag)
|
|
479
550
|
|
|
480
551
|
TagResourceRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
481
|
-
TagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape:
|
|
552
|
+
TagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: TaggableResourceArn, required: true, location_name: "ResourceArn"))
|
|
482
553
|
TagResourceRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, required: true, location_name: "Tags"))
|
|
483
554
|
TagResourceRequest.struct_class = Types::TagResourceRequest
|
|
484
555
|
|
|
@@ -488,7 +559,7 @@ module Aws::SSOAdmin
|
|
|
488
559
|
ThrottlingException.struct_class = Types::ThrottlingException
|
|
489
560
|
|
|
490
561
|
UntagResourceRequest.add_member(:instance_arn, Shapes::ShapeRef.new(shape: InstanceArn, required: true, location_name: "InstanceArn"))
|
|
491
|
-
UntagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape:
|
|
562
|
+
UntagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: TaggableResourceArn, required: true, location_name: "ResourceArn"))
|
|
492
563
|
UntagResourceRequest.add_member(:tag_keys, Shapes::ShapeRef.new(shape: TagKeyList, required: true, location_name: "TagKeys"))
|
|
493
564
|
UntagResourceRequest.struct_class = Types::UntagResourceRequest
|
|
494
565
|
|
|
@@ -532,6 +603,21 @@ module Aws::SSOAdmin
|
|
|
532
603
|
"uid" => "sso-admin-2020-07-20",
|
|
533
604
|
}
|
|
534
605
|
|
|
606
|
+
api.add_operation(:attach_customer_managed_policy_reference_to_permission_set, Seahorse::Model::Operation.new.tap do |o|
|
|
607
|
+
o.name = "AttachCustomerManagedPolicyReferenceToPermissionSet"
|
|
608
|
+
o.http_method = "POST"
|
|
609
|
+
o.http_request_uri = "/"
|
|
610
|
+
o.input = Shapes::ShapeRef.new(shape: AttachCustomerManagedPolicyReferenceToPermissionSetRequest)
|
|
611
|
+
o.output = Shapes::ShapeRef.new(shape: AttachCustomerManagedPolicyReferenceToPermissionSetResponse)
|
|
612
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
|
613
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
|
614
|
+
o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
|
|
615
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
|
616
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
617
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
618
|
+
o.errors << Shapes::ShapeRef.new(shape: ConflictException)
|
|
619
|
+
end)
|
|
620
|
+
|
|
535
621
|
api.add_operation(:attach_managed_policy_to_permission_set, Seahorse::Model::Operation.new.tap do |o|
|
|
536
622
|
o.name = "AttachManagedPolicyToPermissionSet"
|
|
537
623
|
o.http_method = "POST"
|
|
@@ -647,6 +733,19 @@ module Aws::SSOAdmin
|
|
|
647
733
|
o.errors << Shapes::ShapeRef.new(shape: ConflictException)
|
|
648
734
|
end)
|
|
649
735
|
|
|
736
|
+
api.add_operation(:delete_permissions_boundary_from_permission_set, Seahorse::Model::Operation.new.tap do |o|
|
|
737
|
+
o.name = "DeletePermissionsBoundaryFromPermissionSet"
|
|
738
|
+
o.http_method = "POST"
|
|
739
|
+
o.http_request_uri = "/"
|
|
740
|
+
o.input = Shapes::ShapeRef.new(shape: DeletePermissionsBoundaryFromPermissionSetRequest)
|
|
741
|
+
o.output = Shapes::ShapeRef.new(shape: DeletePermissionsBoundaryFromPermissionSetResponse)
|
|
742
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
|
743
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
|
744
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
|
745
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
746
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
747
|
+
end)
|
|
748
|
+
|
|
650
749
|
api.add_operation(:describe_account_assignment_creation_status, Seahorse::Model::Operation.new.tap do |o|
|
|
651
750
|
o.name = "DescribeAccountAssignmentCreationStatus"
|
|
652
751
|
o.http_method = "POST"
|
|
@@ -712,6 +811,20 @@ module Aws::SSOAdmin
|
|
|
712
811
|
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
713
812
|
end)
|
|
714
813
|
|
|
814
|
+
api.add_operation(:detach_customer_managed_policy_reference_from_permission_set, Seahorse::Model::Operation.new.tap do |o|
|
|
815
|
+
o.name = "DetachCustomerManagedPolicyReferenceFromPermissionSet"
|
|
816
|
+
o.http_method = "POST"
|
|
817
|
+
o.http_request_uri = "/"
|
|
818
|
+
o.input = Shapes::ShapeRef.new(shape: DetachCustomerManagedPolicyReferenceFromPermissionSetRequest)
|
|
819
|
+
o.output = Shapes::ShapeRef.new(shape: DetachCustomerManagedPolicyReferenceFromPermissionSetResponse)
|
|
820
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
|
821
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
|
822
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
|
823
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
824
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
825
|
+
o.errors << Shapes::ShapeRef.new(shape: ConflictException)
|
|
826
|
+
end)
|
|
827
|
+
|
|
715
828
|
api.add_operation(:detach_managed_policy_from_permission_set, Seahorse::Model::Operation.new.tap do |o|
|
|
716
829
|
o.name = "DetachManagedPolicyFromPermissionSet"
|
|
717
830
|
o.http_method = "POST"
|
|
@@ -739,6 +852,19 @@ module Aws::SSOAdmin
|
|
|
739
852
|
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
740
853
|
end)
|
|
741
854
|
|
|
855
|
+
api.add_operation(:get_permissions_boundary_for_permission_set, Seahorse::Model::Operation.new.tap do |o|
|
|
856
|
+
o.name = "GetPermissionsBoundaryForPermissionSet"
|
|
857
|
+
o.http_method = "POST"
|
|
858
|
+
o.http_request_uri = "/"
|
|
859
|
+
o.input = Shapes::ShapeRef.new(shape: GetPermissionsBoundaryForPermissionSetRequest)
|
|
860
|
+
o.output = Shapes::ShapeRef.new(shape: GetPermissionsBoundaryForPermissionSetResponse)
|
|
861
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
|
862
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
|
863
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
|
864
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
865
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
866
|
+
end)
|
|
867
|
+
|
|
742
868
|
api.add_operation(:list_account_assignment_creation_status, Seahorse::Model::Operation.new.tap do |o|
|
|
743
869
|
o.name = "ListAccountAssignmentCreationStatus"
|
|
744
870
|
o.http_method = "POST"
|
|
@@ -815,6 +941,25 @@ module Aws::SSOAdmin
|
|
|
815
941
|
)
|
|
816
942
|
end)
|
|
817
943
|
|
|
944
|
+
api.add_operation(:list_customer_managed_policy_references_in_permission_set, Seahorse::Model::Operation.new.tap do |o|
|
|
945
|
+
o.name = "ListCustomerManagedPolicyReferencesInPermissionSet"
|
|
946
|
+
o.http_method = "POST"
|
|
947
|
+
o.http_request_uri = "/"
|
|
948
|
+
o.input = Shapes::ShapeRef.new(shape: ListCustomerManagedPolicyReferencesInPermissionSetRequest)
|
|
949
|
+
o.output = Shapes::ShapeRef.new(shape: ListCustomerManagedPolicyReferencesInPermissionSetResponse)
|
|
950
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
|
951
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
|
952
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
|
953
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
954
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
955
|
+
o[:pager] = Aws::Pager.new(
|
|
956
|
+
limit_key: "max_results",
|
|
957
|
+
tokens: {
|
|
958
|
+
"next_token" => "next_token"
|
|
959
|
+
}
|
|
960
|
+
)
|
|
961
|
+
end)
|
|
962
|
+
|
|
818
963
|
api.add_operation(:list_instances, Seahorse::Model::Operation.new.tap do |o|
|
|
819
964
|
o.name = "ListInstances"
|
|
820
965
|
o.http_method = "POST"
|
|
@@ -956,6 +1101,20 @@ module Aws::SSOAdmin
|
|
|
956
1101
|
o.errors << Shapes::ShapeRef.new(shape: ConflictException)
|
|
957
1102
|
end)
|
|
958
1103
|
|
|
1104
|
+
api.add_operation(:put_permissions_boundary_to_permission_set, Seahorse::Model::Operation.new.tap do |o|
|
|
1105
|
+
o.name = "PutPermissionsBoundaryToPermissionSet"
|
|
1106
|
+
o.http_method = "POST"
|
|
1107
|
+
o.http_request_uri = "/"
|
|
1108
|
+
o.input = Shapes::ShapeRef.new(shape: PutPermissionsBoundaryToPermissionSetRequest)
|
|
1109
|
+
o.output = Shapes::ShapeRef.new(shape: PutPermissionsBoundaryToPermissionSetResponse)
|
|
1110
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
|
1111
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
|
1112
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
|
1113
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
1114
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
1115
|
+
o.errors << Shapes::ShapeRef.new(shape: ConflictException)
|
|
1116
|
+
end)
|
|
1117
|
+
|
|
959
1118
|
api.add_operation(:tag_resource, Seahorse::Model::Operation.new.tap do |o|
|
|
960
1119
|
o.name = "TagResource"
|
|
961
1120
|
o.http_method = "POST"
|
|
@@ -49,7 +49,12 @@ module Aws::SSOAdmin
|
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
# The value used for mapping a specified attribute to an identity
|
|
52
|
-
# source.
|
|
52
|
+
# source. For more information, see [Attribute mappings][1] in the
|
|
53
|
+
# Amazon Web Services Single Sign-On User Guide.
|
|
54
|
+
#
|
|
55
|
+
#
|
|
56
|
+
#
|
|
57
|
+
# [1]: https://docs.aws.amazon.com/singlesignon/latest/userguide/attributemappingsconcept.html
|
|
53
58
|
#
|
|
54
59
|
# @note When making an API call, you may pass AccessControlAttributeValue
|
|
55
60
|
# data as a hash:
|
|
@@ -218,6 +223,48 @@ module Aws::SSOAdmin
|
|
|
218
223
|
include Aws::Structure
|
|
219
224
|
end
|
|
220
225
|
|
|
226
|
+
# @note When making an API call, you may pass AttachCustomerManagedPolicyReferenceToPermissionSetRequest
|
|
227
|
+
# data as a hash:
|
|
228
|
+
#
|
|
229
|
+
# {
|
|
230
|
+
# instance_arn: "InstanceArn", # required
|
|
231
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
232
|
+
# customer_managed_policy_reference: { # required
|
|
233
|
+
# name: "ManagedPolicyName", # required
|
|
234
|
+
# path: "ManagedPolicyPath",
|
|
235
|
+
# },
|
|
236
|
+
# }
|
|
237
|
+
#
|
|
238
|
+
# @!attribute [rw] instance_arn
|
|
239
|
+
# The ARN of the SSO instance under which the operation will be
|
|
240
|
+
# executed.
|
|
241
|
+
# @return [String]
|
|
242
|
+
#
|
|
243
|
+
# @!attribute [rw] permission_set_arn
|
|
244
|
+
# The ARN of the `PermissionSet`.
|
|
245
|
+
# @return [String]
|
|
246
|
+
#
|
|
247
|
+
# @!attribute [rw] customer_managed_policy_reference
|
|
248
|
+
# Specifies the name and path of the IAM customer managed policy. You
|
|
249
|
+
# must have an IAM policy that matches the name and path in each
|
|
250
|
+
# Amazon Web Services account where you want to deploy your permission
|
|
251
|
+
# set.
|
|
252
|
+
# @return [Types::CustomerManagedPolicyReference]
|
|
253
|
+
#
|
|
254
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachCustomerManagedPolicyReferenceToPermissionSetRequest AWS API Documentation
|
|
255
|
+
#
|
|
256
|
+
class AttachCustomerManagedPolicyReferenceToPermissionSetRequest < Struct.new(
|
|
257
|
+
:instance_arn,
|
|
258
|
+
:permission_set_arn,
|
|
259
|
+
:customer_managed_policy_reference)
|
|
260
|
+
SENSITIVE = []
|
|
261
|
+
include Aws::Structure
|
|
262
|
+
end
|
|
263
|
+
|
|
264
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachCustomerManagedPolicyReferenceToPermissionSetResponse AWS API Documentation
|
|
265
|
+
#
|
|
266
|
+
class AttachCustomerManagedPolicyReferenceToPermissionSetResponse < Aws::EmptyStructure; end
|
|
267
|
+
|
|
221
268
|
# @note When making an API call, you may pass AttachManagedPolicyToPermissionSetRequest
|
|
222
269
|
# data as a hash:
|
|
223
270
|
#
|
|
@@ -241,7 +288,8 @@ module Aws::SSOAdmin
|
|
|
241
288
|
# @return [String]
|
|
242
289
|
#
|
|
243
290
|
# @!attribute [rw] managed_policy_arn
|
|
244
|
-
# The
|
|
291
|
+
# The Amazon Web Services managed policy ARN to be attached to a
|
|
292
|
+
# permission set.
|
|
245
293
|
# @return [String]
|
|
246
294
|
#
|
|
247
295
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachManagedPolicyToPermissionSetRequest AWS API Documentation
|
|
@@ -258,15 +306,17 @@ module Aws::SSOAdmin
|
|
|
258
306
|
#
|
|
259
307
|
class AttachManagedPolicyToPermissionSetResponse < Aws::EmptyStructure; end
|
|
260
308
|
|
|
261
|
-
# A structure that stores the details of the
|
|
309
|
+
# A structure that stores the details of the Amazon Web Services managed
|
|
310
|
+
# IAM policy.
|
|
262
311
|
#
|
|
263
312
|
# @!attribute [rw] name
|
|
264
|
-
# The name of the
|
|
313
|
+
# The name of the Amazon Web Services managed IAM policy.
|
|
265
314
|
# @return [String]
|
|
266
315
|
#
|
|
267
316
|
# @!attribute [rw] arn
|
|
268
|
-
# The ARN of the
|
|
269
|
-
# see [Amazon Resource Names (ARNs) and Amazon
|
|
317
|
+
# The ARN of the Amazon Web Services managed IAM policy. For more
|
|
318
|
+
# information about ARNs, see [Amazon Resource Names (ARNs) and Amazon
|
|
319
|
+
# Web Services Service
|
|
270
320
|
# Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the
|
|
271
321
|
# *Amazon Web Services General Reference*.
|
|
272
322
|
# @return [String]
|
|
@@ -426,8 +476,8 @@ module Aws::SSOAdmin
|
|
|
426
476
|
# relay_state: "RelayState",
|
|
427
477
|
# tags: [
|
|
428
478
|
# {
|
|
429
|
-
# key: "TagKey",
|
|
430
|
-
# value: "TagValue",
|
|
479
|
+
# key: "TagKey", # required
|
|
480
|
+
# value: "TagValue", # required
|
|
431
481
|
# },
|
|
432
482
|
# ],
|
|
433
483
|
# }
|
|
@@ -487,6 +537,41 @@ module Aws::SSOAdmin
|
|
|
487
537
|
include Aws::Structure
|
|
488
538
|
end
|
|
489
539
|
|
|
540
|
+
# Specifies the name and path of the IAM customer managed policy. You
|
|
541
|
+
# must have an IAM policy that matches the name and path in each Amazon
|
|
542
|
+
# Web Services account where you want to deploy your permission set.
|
|
543
|
+
#
|
|
544
|
+
# @note When making an API call, you may pass CustomerManagedPolicyReference
|
|
545
|
+
# data as a hash:
|
|
546
|
+
#
|
|
547
|
+
# {
|
|
548
|
+
# name: "ManagedPolicyName", # required
|
|
549
|
+
# path: "ManagedPolicyPath",
|
|
550
|
+
# }
|
|
551
|
+
#
|
|
552
|
+
# @!attribute [rw] name
|
|
553
|
+
# The name of the policy document.
|
|
554
|
+
# @return [String]
|
|
555
|
+
#
|
|
556
|
+
# @!attribute [rw] path
|
|
557
|
+
# The path for the policy. The default is `/`. For more information,
|
|
558
|
+
# see [Friendly names and paths][1] in the Identity and Access
|
|
559
|
+
# Management user guide.
|
|
560
|
+
#
|
|
561
|
+
#
|
|
562
|
+
#
|
|
563
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names
|
|
564
|
+
# @return [String]
|
|
565
|
+
#
|
|
566
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CustomerManagedPolicyReference AWS API Documentation
|
|
567
|
+
#
|
|
568
|
+
class CustomerManagedPolicyReference < Struct.new(
|
|
569
|
+
:name,
|
|
570
|
+
:path)
|
|
571
|
+
SENSITIVE = []
|
|
572
|
+
include Aws::Structure
|
|
573
|
+
end
|
|
574
|
+
|
|
490
575
|
# @note When making an API call, you may pass DeleteAccountAssignmentRequest
|
|
491
576
|
# data as a hash:
|
|
492
577
|
#
|
|
@@ -648,6 +733,36 @@ module Aws::SSOAdmin
|
|
|
648
733
|
#
|
|
649
734
|
class DeletePermissionSetResponse < Aws::EmptyStructure; end
|
|
650
735
|
|
|
736
|
+
# @note When making an API call, you may pass DeletePermissionsBoundaryFromPermissionSetRequest
|
|
737
|
+
# data as a hash:
|
|
738
|
+
#
|
|
739
|
+
# {
|
|
740
|
+
# instance_arn: "InstanceArn", # required
|
|
741
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
742
|
+
# }
|
|
743
|
+
#
|
|
744
|
+
# @!attribute [rw] instance_arn
|
|
745
|
+
# The ARN of the SSO instance under which the operation will be
|
|
746
|
+
# executed.
|
|
747
|
+
# @return [String]
|
|
748
|
+
#
|
|
749
|
+
# @!attribute [rw] permission_set_arn
|
|
750
|
+
# The ARN of the `PermissionSet`.
|
|
751
|
+
# @return [String]
|
|
752
|
+
#
|
|
753
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeletePermissionsBoundaryFromPermissionSetRequest AWS API Documentation
|
|
754
|
+
#
|
|
755
|
+
class DeletePermissionsBoundaryFromPermissionSetRequest < Struct.new(
|
|
756
|
+
:instance_arn,
|
|
757
|
+
:permission_set_arn)
|
|
758
|
+
SENSITIVE = []
|
|
759
|
+
include Aws::Structure
|
|
760
|
+
end
|
|
761
|
+
|
|
762
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeletePermissionsBoundaryFromPermissionSetResponse AWS API Documentation
|
|
763
|
+
#
|
|
764
|
+
class DeletePermissionsBoundaryFromPermissionSetResponse < Aws::EmptyStructure; end
|
|
765
|
+
|
|
651
766
|
# @note When making an API call, you may pass DescribeAccountAssignmentCreationStatusRequest
|
|
652
767
|
# data as a hash:
|
|
653
768
|
#
|
|
@@ -857,6 +972,48 @@ module Aws::SSOAdmin
|
|
|
857
972
|
include Aws::Structure
|
|
858
973
|
end
|
|
859
974
|
|
|
975
|
+
# @note When making an API call, you may pass DetachCustomerManagedPolicyReferenceFromPermissionSetRequest
|
|
976
|
+
# data as a hash:
|
|
977
|
+
#
|
|
978
|
+
# {
|
|
979
|
+
# instance_arn: "InstanceArn", # required
|
|
980
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
981
|
+
# customer_managed_policy_reference: { # required
|
|
982
|
+
# name: "ManagedPolicyName", # required
|
|
983
|
+
# path: "ManagedPolicyPath",
|
|
984
|
+
# },
|
|
985
|
+
# }
|
|
986
|
+
#
|
|
987
|
+
# @!attribute [rw] instance_arn
|
|
988
|
+
# The ARN of the SSO instance under which the operation will be
|
|
989
|
+
# executed.
|
|
990
|
+
# @return [String]
|
|
991
|
+
#
|
|
992
|
+
# @!attribute [rw] permission_set_arn
|
|
993
|
+
# The ARN of the `PermissionSet`.
|
|
994
|
+
# @return [String]
|
|
995
|
+
#
|
|
996
|
+
# @!attribute [rw] customer_managed_policy_reference
|
|
997
|
+
# Specifies the name and path of the IAM customer managed policy. You
|
|
998
|
+
# must have an IAM policy that matches the name and path in each
|
|
999
|
+
# Amazon Web Services account where you want to deploy your permission
|
|
1000
|
+
# set.
|
|
1001
|
+
# @return [Types::CustomerManagedPolicyReference]
|
|
1002
|
+
#
|
|
1003
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachCustomerManagedPolicyReferenceFromPermissionSetRequest AWS API Documentation
|
|
1004
|
+
#
|
|
1005
|
+
class DetachCustomerManagedPolicyReferenceFromPermissionSetRequest < Struct.new(
|
|
1006
|
+
:instance_arn,
|
|
1007
|
+
:permission_set_arn,
|
|
1008
|
+
:customer_managed_policy_reference)
|
|
1009
|
+
SENSITIVE = []
|
|
1010
|
+
include Aws::Structure
|
|
1011
|
+
end
|
|
1012
|
+
|
|
1013
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachCustomerManagedPolicyReferenceFromPermissionSetResponse AWS API Documentation
|
|
1014
|
+
#
|
|
1015
|
+
class DetachCustomerManagedPolicyReferenceFromPermissionSetResponse < Aws::EmptyStructure; end
|
|
1016
|
+
|
|
860
1017
|
# @note When making an API call, you may pass DetachManagedPolicyFromPermissionSetRequest
|
|
861
1018
|
# data as a hash:
|
|
862
1019
|
#
|
|
@@ -880,7 +1037,8 @@ module Aws::SSOAdmin
|
|
|
880
1037
|
# @return [String]
|
|
881
1038
|
#
|
|
882
1039
|
# @!attribute [rw] managed_policy_arn
|
|
883
|
-
# The
|
|
1040
|
+
# The Amazon Web Services managed policy ARN to be detached from a
|
|
1041
|
+
# permission set.
|
|
884
1042
|
# @return [String]
|
|
885
1043
|
#
|
|
886
1044
|
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachManagedPolicyFromPermissionSetRequest AWS API Documentation
|
|
@@ -934,7 +1092,45 @@ module Aws::SSOAdmin
|
|
|
934
1092
|
#
|
|
935
1093
|
class GetInlinePolicyForPermissionSetResponse < Struct.new(
|
|
936
1094
|
:inline_policy)
|
|
937
|
-
SENSITIVE = [
|
|
1095
|
+
SENSITIVE = []
|
|
1096
|
+
include Aws::Structure
|
|
1097
|
+
end
|
|
1098
|
+
|
|
1099
|
+
# @note When making an API call, you may pass GetPermissionsBoundaryForPermissionSetRequest
|
|
1100
|
+
# data as a hash:
|
|
1101
|
+
#
|
|
1102
|
+
# {
|
|
1103
|
+
# instance_arn: "InstanceArn", # required
|
|
1104
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
1105
|
+
# }
|
|
1106
|
+
#
|
|
1107
|
+
# @!attribute [rw] instance_arn
|
|
1108
|
+
# The ARN of the SSO instance under which the operation will be
|
|
1109
|
+
# executed.
|
|
1110
|
+
# @return [String]
|
|
1111
|
+
#
|
|
1112
|
+
# @!attribute [rw] permission_set_arn
|
|
1113
|
+
# The ARN of the `PermissionSet`.
|
|
1114
|
+
# @return [String]
|
|
1115
|
+
#
|
|
1116
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/GetPermissionsBoundaryForPermissionSetRequest AWS API Documentation
|
|
1117
|
+
#
|
|
1118
|
+
class GetPermissionsBoundaryForPermissionSetRequest < Struct.new(
|
|
1119
|
+
:instance_arn,
|
|
1120
|
+
:permission_set_arn)
|
|
1121
|
+
SENSITIVE = []
|
|
1122
|
+
include Aws::Structure
|
|
1123
|
+
end
|
|
1124
|
+
|
|
1125
|
+
# @!attribute [rw] permissions_boundary
|
|
1126
|
+
# The permissions boundary attached to the specified permission set.
|
|
1127
|
+
# @return [Types::PermissionsBoundary]
|
|
1128
|
+
#
|
|
1129
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/GetPermissionsBoundaryForPermissionSetResponse AWS API Documentation
|
|
1130
|
+
#
|
|
1131
|
+
class GetPermissionsBoundaryForPermissionSetResponse < Struct.new(
|
|
1132
|
+
:permissions_boundary)
|
|
1133
|
+
SENSITIVE = []
|
|
938
1134
|
include Aws::Structure
|
|
939
1135
|
end
|
|
940
1136
|
|
|
@@ -1266,6 +1462,64 @@ module Aws::SSOAdmin
|
|
|
1266
1462
|
include Aws::Structure
|
|
1267
1463
|
end
|
|
1268
1464
|
|
|
1465
|
+
# @note When making an API call, you may pass ListCustomerManagedPolicyReferencesInPermissionSetRequest
|
|
1466
|
+
# data as a hash:
|
|
1467
|
+
#
|
|
1468
|
+
# {
|
|
1469
|
+
# instance_arn: "InstanceArn", # required
|
|
1470
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
1471
|
+
# max_results: 1,
|
|
1472
|
+
# next_token: "Token",
|
|
1473
|
+
# }
|
|
1474
|
+
#
|
|
1475
|
+
# @!attribute [rw] instance_arn
|
|
1476
|
+
# The ARN of the SSO instance under which the operation will be
|
|
1477
|
+
# executed.
|
|
1478
|
+
# @return [String]
|
|
1479
|
+
#
|
|
1480
|
+
# @!attribute [rw] permission_set_arn
|
|
1481
|
+
# The ARN of the `PermissionSet`.
|
|
1482
|
+
# @return [String]
|
|
1483
|
+
#
|
|
1484
|
+
# @!attribute [rw] max_results
|
|
1485
|
+
# The maximum number of results to display for the list call.
|
|
1486
|
+
# @return [Integer]
|
|
1487
|
+
#
|
|
1488
|
+
# @!attribute [rw] next_token
|
|
1489
|
+
# The pagination token for the list API. Initially the value is null.
|
|
1490
|
+
# Use the output of previous API calls to make subsequent calls.
|
|
1491
|
+
# @return [String]
|
|
1492
|
+
#
|
|
1493
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListCustomerManagedPolicyReferencesInPermissionSetRequest AWS API Documentation
|
|
1494
|
+
#
|
|
1495
|
+
class ListCustomerManagedPolicyReferencesInPermissionSetRequest < Struct.new(
|
|
1496
|
+
:instance_arn,
|
|
1497
|
+
:permission_set_arn,
|
|
1498
|
+
:max_results,
|
|
1499
|
+
:next_token)
|
|
1500
|
+
SENSITIVE = []
|
|
1501
|
+
include Aws::Structure
|
|
1502
|
+
end
|
|
1503
|
+
|
|
1504
|
+
# @!attribute [rw] customer_managed_policy_references
|
|
1505
|
+
# Specifies the names and paths of the IAM customer managed policies
|
|
1506
|
+
# that you have attached to your permission set.
|
|
1507
|
+
# @return [Array<Types::CustomerManagedPolicyReference>]
|
|
1508
|
+
#
|
|
1509
|
+
# @!attribute [rw] next_token
|
|
1510
|
+
# The pagination token for the list API. Initially the value is null.
|
|
1511
|
+
# Use the output of previous API calls to make subsequent calls.
|
|
1512
|
+
# @return [String]
|
|
1513
|
+
#
|
|
1514
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListCustomerManagedPolicyReferencesInPermissionSetResponse AWS API Documentation
|
|
1515
|
+
#
|
|
1516
|
+
class ListCustomerManagedPolicyReferencesInPermissionSetResponse < Struct.new(
|
|
1517
|
+
:customer_managed_policy_references,
|
|
1518
|
+
:next_token)
|
|
1519
|
+
SENSITIVE = []
|
|
1520
|
+
include Aws::Structure
|
|
1521
|
+
end
|
|
1522
|
+
|
|
1269
1523
|
# @note When making an API call, you may pass ListInstancesRequest
|
|
1270
1524
|
# data as a hash:
|
|
1271
1525
|
#
|
|
@@ -1558,7 +1812,7 @@ module Aws::SSOAdmin
|
|
|
1558
1812
|
#
|
|
1559
1813
|
# {
|
|
1560
1814
|
# instance_arn: "InstanceArn", # required
|
|
1561
|
-
# resource_arn: "
|
|
1815
|
+
# resource_arn: "TaggableResourceArn", # required
|
|
1562
1816
|
# next_token: "Token",
|
|
1563
1817
|
# }
|
|
1564
1818
|
#
|
|
@@ -1744,6 +1998,59 @@ module Aws::SSOAdmin
|
|
|
1744
1998
|
include Aws::Structure
|
|
1745
1999
|
end
|
|
1746
2000
|
|
|
2001
|
+
# Specifies the configuration of the Amazon Web Services managed or
|
|
2002
|
+
# customer managed policy that you want to set as a permissions
|
|
2003
|
+
# boundary. Specify either `CustomerManagedPolicyReference` to use the
|
|
2004
|
+
# name and path of a customer managed policy, or `ManagedPolicyArn` to
|
|
2005
|
+
# use the ARN of an Amazon Web Services managed IAM policy. A
|
|
2006
|
+
# permissions boundary represents the maximum permissions that any
|
|
2007
|
+
# policy can grant your role. For more information, see [Permissions
|
|
2008
|
+
# boundaries for IAM entities][1] in the *Identity and Access Management
|
|
2009
|
+
# User Guide*.
|
|
2010
|
+
#
|
|
2011
|
+
# Policies used as permissions boundaries do not provide permissions.
|
|
2012
|
+
# You must also attach an IAM policy to the role. To learn how the
|
|
2013
|
+
# effective permissions for a role are evaluated, see [IAM JSON policy
|
|
2014
|
+
# evaluation logic][2] in the *Identity and Access Management User
|
|
2015
|
+
# Guide*.
|
|
2016
|
+
#
|
|
2017
|
+
#
|
|
2018
|
+
#
|
|
2019
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
|
|
2020
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
|
|
2021
|
+
#
|
|
2022
|
+
# @note When making an API call, you may pass PermissionsBoundary
|
|
2023
|
+
# data as a hash:
|
|
2024
|
+
#
|
|
2025
|
+
# {
|
|
2026
|
+
# customer_managed_policy_reference: {
|
|
2027
|
+
# name: "ManagedPolicyName", # required
|
|
2028
|
+
# path: "ManagedPolicyPath",
|
|
2029
|
+
# },
|
|
2030
|
+
# managed_policy_arn: "ManagedPolicyArn",
|
|
2031
|
+
# }
|
|
2032
|
+
#
|
|
2033
|
+
# @!attribute [rw] customer_managed_policy_reference
|
|
2034
|
+
# Specifies the name and path of the IAM customer managed policy. You
|
|
2035
|
+
# must have an IAM policy that matches the name and path in each
|
|
2036
|
+
# Amazon Web Services account where you want to deploy your permission
|
|
2037
|
+
# set.
|
|
2038
|
+
# @return [Types::CustomerManagedPolicyReference]
|
|
2039
|
+
#
|
|
2040
|
+
# @!attribute [rw] managed_policy_arn
|
|
2041
|
+
# The Amazon Web Services managed policy ARN that you want to attach
|
|
2042
|
+
# to a permission set as a permissions boundary.
|
|
2043
|
+
# @return [String]
|
|
2044
|
+
#
|
|
2045
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PermissionsBoundary AWS API Documentation
|
|
2046
|
+
#
|
|
2047
|
+
class PermissionsBoundary < Struct.new(
|
|
2048
|
+
:customer_managed_policy_reference,
|
|
2049
|
+
:managed_policy_arn)
|
|
2050
|
+
SENSITIVE = []
|
|
2051
|
+
include Aws::Structure
|
|
2052
|
+
end
|
|
2053
|
+
|
|
1747
2054
|
# @note When making an API call, you may pass ProvisionPermissionSetRequest
|
|
1748
2055
|
# data as a hash:
|
|
1749
2056
|
#
|
|
@@ -1829,7 +2136,7 @@ module Aws::SSOAdmin
|
|
|
1829
2136
|
:instance_arn,
|
|
1830
2137
|
:permission_set_arn,
|
|
1831
2138
|
:inline_policy)
|
|
1832
|
-
SENSITIVE = [
|
|
2139
|
+
SENSITIVE = []
|
|
1833
2140
|
include Aws::Structure
|
|
1834
2141
|
end
|
|
1835
2142
|
|
|
@@ -1837,6 +2144,49 @@ module Aws::SSOAdmin
|
|
|
1837
2144
|
#
|
|
1838
2145
|
class PutInlinePolicyToPermissionSetResponse < Aws::EmptyStructure; end
|
|
1839
2146
|
|
|
2147
|
+
# @note When making an API call, you may pass PutPermissionsBoundaryToPermissionSetRequest
|
|
2148
|
+
# data as a hash:
|
|
2149
|
+
#
|
|
2150
|
+
# {
|
|
2151
|
+
# instance_arn: "InstanceArn", # required
|
|
2152
|
+
# permission_set_arn: "PermissionSetArn", # required
|
|
2153
|
+
# permissions_boundary: { # required
|
|
2154
|
+
# customer_managed_policy_reference: {
|
|
2155
|
+
# name: "ManagedPolicyName", # required
|
|
2156
|
+
# path: "ManagedPolicyPath",
|
|
2157
|
+
# },
|
|
2158
|
+
# managed_policy_arn: "ManagedPolicyArn",
|
|
2159
|
+
# },
|
|
2160
|
+
# }
|
|
2161
|
+
#
|
|
2162
|
+
# @!attribute [rw] instance_arn
|
|
2163
|
+
# The ARN of the SSO instance under which the operation will be
|
|
2164
|
+
# executed.
|
|
2165
|
+
# @return [String]
|
|
2166
|
+
#
|
|
2167
|
+
# @!attribute [rw] permission_set_arn
|
|
2168
|
+
# The ARN of the `PermissionSet`.
|
|
2169
|
+
# @return [String]
|
|
2170
|
+
#
|
|
2171
|
+
# @!attribute [rw] permissions_boundary
|
|
2172
|
+
# The permissions boundary that you want to attach to a
|
|
2173
|
+
# `PermissionSet`.
|
|
2174
|
+
# @return [Types::PermissionsBoundary]
|
|
2175
|
+
#
|
|
2176
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutPermissionsBoundaryToPermissionSetRequest AWS API Documentation
|
|
2177
|
+
#
|
|
2178
|
+
class PutPermissionsBoundaryToPermissionSetRequest < Struct.new(
|
|
2179
|
+
:instance_arn,
|
|
2180
|
+
:permission_set_arn,
|
|
2181
|
+
:permissions_boundary)
|
|
2182
|
+
SENSITIVE = []
|
|
2183
|
+
include Aws::Structure
|
|
2184
|
+
end
|
|
2185
|
+
|
|
2186
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutPermissionsBoundaryToPermissionSetResponse AWS API Documentation
|
|
2187
|
+
#
|
|
2188
|
+
class PutPermissionsBoundaryToPermissionSetResponse < Aws::EmptyStructure; end
|
|
2189
|
+
|
|
1840
2190
|
# Indicates that a requested resource is not found.
|
|
1841
2191
|
#
|
|
1842
2192
|
# @!attribute [rw] message
|
|
@@ -1873,8 +2223,8 @@ module Aws::SSOAdmin
|
|
|
1873
2223
|
# data as a hash:
|
|
1874
2224
|
#
|
|
1875
2225
|
# {
|
|
1876
|
-
# key: "TagKey",
|
|
1877
|
-
# value: "TagValue",
|
|
2226
|
+
# key: "TagKey", # required
|
|
2227
|
+
# value: "TagValue", # required
|
|
1878
2228
|
# }
|
|
1879
2229
|
#
|
|
1880
2230
|
# @!attribute [rw] key
|
|
@@ -1899,11 +2249,11 @@ module Aws::SSOAdmin
|
|
|
1899
2249
|
#
|
|
1900
2250
|
# {
|
|
1901
2251
|
# instance_arn: "InstanceArn", # required
|
|
1902
|
-
# resource_arn: "
|
|
2252
|
+
# resource_arn: "TaggableResourceArn", # required
|
|
1903
2253
|
# tags: [ # required
|
|
1904
2254
|
# {
|
|
1905
|
-
# key: "TagKey",
|
|
1906
|
-
# value: "TagValue",
|
|
2255
|
+
# key: "TagKey", # required
|
|
2256
|
+
# value: "TagValue", # required
|
|
1907
2257
|
# },
|
|
1908
2258
|
# ],
|
|
1909
2259
|
# }
|
|
@@ -1957,7 +2307,7 @@ module Aws::SSOAdmin
|
|
|
1957
2307
|
#
|
|
1958
2308
|
# {
|
|
1959
2309
|
# instance_arn: "InstanceArn", # required
|
|
1960
|
-
# resource_arn: "
|
|
2310
|
+
# resource_arn: "TaggableResourceArn", # required
|
|
1961
2311
|
# tag_keys: ["TagKey"], # required
|
|
1962
2312
|
# }
|
|
1963
2313
|
#
|
data/lib/aws-sdk-ssoadmin.rb
CHANGED
|
@@ -28,7 +28,7 @@ require_relative 'aws-sdk-ssoadmin/customizations'
|
|
|
28
28
|
# structure.
|
|
29
29
|
#
|
|
30
30
|
# sso_admin = Aws::SSOAdmin::Client.new
|
|
31
|
-
# resp = sso_admin.
|
|
31
|
+
# resp = sso_admin.attach_customer_managed_policy_reference_to_permission_set(params)
|
|
32
32
|
#
|
|
33
33
|
# See {Client} for more information.
|
|
34
34
|
#
|
|
@@ -48,6 +48,6 @@ require_relative 'aws-sdk-ssoadmin/customizations'
|
|
|
48
48
|
# @!group service
|
|
49
49
|
module Aws::SSOAdmin
|
|
50
50
|
|
|
51
|
-
GEM_VERSION = '1.
|
|
51
|
+
GEM_VERSION = '1.17.0'
|
|
52
52
|
|
|
53
53
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-ssoadmin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.17.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-07-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|