Documentation
¶
Index ¶
- type AccessControlAttribute
- type AccessControlAttributeValue
- type AccessDeniedException
- type AccountAssignment
- type AccountAssignmentForPrincipal
- type AccountAssignmentOperationStatus
- type AccountAssignmentOperationStatusMetadata
- type Application
- type ApplicationAssignment
- type ApplicationAssignmentForPrincipal
- type ApplicationProvider
- type ApplicationStatus
- type ApplicationVisibility
- type AttachedManagedPolicy
- type AuthenticationMethod
- type AuthenticationMethodItem
- type AuthenticationMethodMemberIam
- type AuthenticationMethodType
- type AuthorizationCodeGrant
- type AuthorizedTokenIssuer
- type ConflictException
- type CustomerManagedPolicyReference
- type DisplayData
- type FederationProtocol
- type Grant
- type GrantItem
- type GrantMemberAuthorizationCode
- type GrantMemberJwtBearer
- type GrantMemberRefreshToken
- type GrantMemberTokenExchange
- type GrantType
- type IamAuthenticationMethod
- type InstanceAccessControlAttributeConfiguration
- type InstanceAccessControlAttributeConfigurationStatus
- type InstanceMetadata
- type InstanceStatus
- type InternalServerException
- type JwksRetrievalOption
- type JwtBearerGrant
- type ListAccountAssignmentsFilter
- type ListApplicationAssignmentsFilter
- type ListApplicationsFilter
- type OidcJwtConfiguration
- type OidcJwtUpdateConfiguration
- type OperationStatusFilter
- type PermissionSet
- type PermissionSetProvisioningStatus
- type PermissionSetProvisioningStatusMetadata
- type PermissionsBoundary
- type PortalOptions
- type PrincipalType
- type ProvisionTargetType
- type ProvisioningStatus
- type RefreshTokenGrant
- type ResourceNotFoundException
- type ResourceServerConfig
- type ResourceServerScopeDetails
- type ScopeDetails
- type ServiceQuotaExceededException
- type SignInOptions
- type SignInOrigin
- type StatusValues
- type Tag
- type TargetType
- type ThrottlingException
- type TokenExchangeGrant
- type TrustedTokenIssuerConfiguration
- type TrustedTokenIssuerConfigurationMemberOidcJwtConfiguration
- type TrustedTokenIssuerMetadata
- type TrustedTokenIssuerType
- type TrustedTokenIssuerUpdateConfiguration
- type TrustedTokenIssuerUpdateConfigurationMemberOidcJwtConfiguration
- type UnknownUnionMember
- type UpdateApplicationPortalOptions
- type ValidationException
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessControlAttribute ¶
type AccessControlAttribute struct {
// The name of the attribute associated with your identities in your identity
// source. This is used to map a specified attribute in your identity source with
// an attribute in IAM Identity Center.
//
// This member is required.
Key *string
// The value used for mapping a specified attribute to an identity source.
//
// This member is required.
Value *AccessControlAttributeValue
// contains filtered or unexported fields
}
These are IAM Identity Center identity store attributes that you can configure for use in attributes-based access control (ABAC). You can create permissions policies that determine who can access your Amazon Web Services resources based upon the configured attribute values. When you enable ABAC and specify AccessControlAttributes , IAM Identity Center passes the attribute values of the authenticated user into IAM for use in policy evaluation.
type AccessControlAttributeValue ¶
type AccessControlAttributeValue struct {
// The identity source to use when mapping a specified attribute to IAM Identity
// Center.
//
// This member is required.
Source []string
// contains filtered or unexported fields
}
The value used for mapping a specified attribute to an identity source. For more information, see Attribute mappingsin the IAM Identity Center User Guide.
type AccessDeniedException ¶
type AccessDeniedException struct {
Message *string
ErrorCodeOverride *string
// contains filtered or unexported fields
}
You do not have sufficient access to perform this action.
func (*AccessDeniedException) Error ¶
func (e *AccessDeniedException) Error() string
func (*AccessDeniedException) ErrorCode ¶
func (e *AccessDeniedException) ErrorCode() string
func (*AccessDeniedException) ErrorFault ¶
func (e *AccessDeniedException) ErrorFault() smithy.ErrorFault
func (*AccessDeniedException) ErrorMessage ¶
func (e *AccessDeniedException) ErrorMessage() string
type AccountAssignment ¶
type AccountAssignment struct {
// The identifier of the Amazon Web Services account.
AccountId *string
// The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the
// Amazon Web Services General Reference.
PermissionSetArn *string
// An identifier for an object in IAM Identity Center, such as a user or group.
// PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For
// more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
PrincipalId *string
// The entity type for which the assignment will be created.
PrincipalType PrincipalType
// contains filtered or unexported fields
}
The assignment that indicates a principal's limited access to a specified Amazon Web Services account with a specified permission set.
The term principal here refers to a user or group that is defined in IAM Identity Center.
type AccountAssignmentForPrincipal ¶
type AccountAssignmentForPrincipal struct {
// The account ID number of the Amazon Web Services account.
AccountId *string
// The ARN of the IAM Identity Center permission set assigned to this principal
// for this Amazon Web Services account.
PermissionSetArn *string
// The ID of the principal.
PrincipalId *string
// The type of the principal.
PrincipalType PrincipalType
// contains filtered or unexported fields
}
A structure that describes an assignment of an Amazon Web Services account to a principal and the permissions that principal has in the account.
type AccountAssignmentOperationStatus ¶
type AccountAssignmentOperationStatus struct {
// The date that the permission set was created.
CreatedDate *time.Time
// The message that contains an error or exception in case of an operation failure.
FailureReason *string
// The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the
// Amazon Web Services General Reference.
PermissionSetArn *string
// An identifier for an object in IAM Identity Center, such as a user or group.
// PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For
// more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
PrincipalId *string
// The entity type for which the assignment will be created.
PrincipalType PrincipalType
// The identifier for tracking the request operation that is generated by the
// universally unique identifier (UUID) workflow.
RequestId *string
// The status of the permission set provisioning process.
Status StatusValues
// TargetID is an Amazon Web Services account identifier, (For example,
// 123456789012).
TargetId *string
// The entity type for which the assignment will be created.
TargetType TargetType
// contains filtered or unexported fields
}
The status of the creation or deletion operation of an assignment that a principal needs to access an account.
type AccountAssignmentOperationStatusMetadata ¶
type AccountAssignmentOperationStatusMetadata struct {
// The date that the permission set was created.
CreatedDate *time.Time
// The identifier for tracking the request operation that is generated by the
// universally unique identifier (UUID) workflow.
RequestId *string
// The status of the permission set provisioning process.
Status StatusValues
// contains filtered or unexported fields
}
Provides information about the AccountAssignment creation request.
type Application ¶
type Application struct {
// The Amazon Web Services account ID number of the application.
ApplicationAccount *string
// The ARN of the application.
ApplicationArn *string
// The ARN of the application provider for this application.
ApplicationProviderArn *string
// The date and time when the application was originally created.
CreatedDate *time.Time
// The description of the application.
Description *string
// The ARN of the instance of IAM Identity Center that is configured with this
// application.
InstanceArn *string
// The name of the application.
Name *string
// A structure that describes the options for the access portal associated with
// this application.
PortalOptions *PortalOptions
// The current status of the application in this instance of IAM Identity Center.
Status ApplicationStatus
// contains filtered or unexported fields
}
A structure that describes an application that uses IAM Identity Center for access management.
type ApplicationAssignment ¶
type ApplicationAssignment struct {
// The ARN of the application that has principals assigned.
//
// This member is required.
ApplicationArn *string
// The unique identifier of the principal assigned to the application.
//
// This member is required.
PrincipalId *string
// The type of the principal assigned to the application.
//
// This member is required.
PrincipalType PrincipalType
// contains filtered or unexported fields
}
A structure that describes an assignment of a principal to an application.
type ApplicationAssignmentForPrincipal ¶
type ApplicationAssignmentForPrincipal struct {
// The ARN of the application to which the specified principal is assigned.
ApplicationArn *string
// The unique identifier of the principal assigned to the application.
PrincipalId *string
// The type of the principal assigned to the application.
PrincipalType PrincipalType
// contains filtered or unexported fields
}
A structure that describes an application to which a principal is assigned.
type ApplicationProvider ¶
type ApplicationProvider struct {
// The ARN of the application provider.
//
// This member is required.
ApplicationProviderArn *string
// A structure that describes how IAM Identity Center represents the application
// provider in the portal.
DisplayData *DisplayData
// The protocol that the application provider uses to perform federation.
FederationProtocol FederationProtocol
// A structure that describes the application provider's resource server.
ResourceServerConfig *ResourceServerConfig
// contains filtered or unexported fields
}
A structure that describes a provider that can be used to connect an Amazon Web Services managed application or customer managed application to IAM Identity Center.
type ApplicationStatus ¶
type ApplicationStatus string
const ( ApplicationStatusEnabled ApplicationStatus = "ENABLED" ApplicationStatusDisabled ApplicationStatus = "DISABLED" )
Enum values for ApplicationStatus
func (ApplicationStatus) Values ¶
func (ApplicationStatus) Values() []ApplicationStatus
Values returns all known values for ApplicationStatus. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type ApplicationVisibility ¶
type ApplicationVisibility string
const ( ApplicationVisibilityEnabled ApplicationVisibility = "ENABLED" ApplicationVisibilityDisabled ApplicationVisibility = "DISABLED" )
Enum values for ApplicationVisibility
func (ApplicationVisibility) Values ¶
func (ApplicationVisibility) Values() []ApplicationVisibility
Values returns all known values for ApplicationVisibility. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type AttachedManagedPolicy ¶
type AttachedManagedPolicy struct {
// The ARN of the Amazon Web Services managed policy. For more information about
// ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespacesin the Amazon Web Services General Reference.
Arn *string
// The name of the Amazon Web Services managed policy.
Name *string
// contains filtered or unexported fields
}
A structure that stores the details of the Amazon Web Services managed policy.
type AuthenticationMethod ¶
type AuthenticationMethod interface {
// contains filtered or unexported methods
}
A structure that describes an authentication method that can be used by an application.
The following types satisfy this interface:
AuthenticationMethodMemberIam
Example (OutputUsage) ¶
package main
import (
"e.coding.net/g-nnjn4981/aito/aws-sdk-go-v2/service/ssoadmin/types"
"fmt"
)
func main() {
var union types.AuthenticationMethod
// type switches can be used to check the union value
switch v := union.(type) {
case *types.AuthenticationMethodMemberIam:
_ = v.Value // Value is types.IamAuthenticationMethod
case *types.UnknownUnionMember:
fmt.Println("unknown tag:", v.Tag)
default:
fmt.Println("union is nil or unknown type")
}
}
Output:
type AuthenticationMethodItem ¶
type AuthenticationMethodItem struct {
// A structure that describes an authentication method. The contents of this
// structure is determined by the AuthenticationMethodType .
AuthenticationMethod AuthenticationMethod
// The type of authentication that is used by this method.
AuthenticationMethodType AuthenticationMethodType
// contains filtered or unexported fields
}
A structure that describes an authentication method and its type.
type AuthenticationMethodMemberIam ¶
type AuthenticationMethodMemberIam struct {
Value IamAuthenticationMethod
// contains filtered or unexported fields
}
A structure that describes details for IAM authentication.
type AuthenticationMethodType ¶
type AuthenticationMethodType string
const (
AuthenticationMethodTypeIam AuthenticationMethodType = "IAM"
)
Enum values for AuthenticationMethodType
func (AuthenticationMethodType) Values ¶
func (AuthenticationMethodType) Values() []AuthenticationMethodType
Values returns all known values for AuthenticationMethodType. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type AuthorizationCodeGrant ¶
type AuthorizationCodeGrant struct {
// A list of URIs that are valid locations to redirect a user's browser after the
// user is authorized.
RedirectUris []string
// contains filtered or unexported fields
}
A structure that defines configuration settings for an application that supports the OAuth 2.0 Authorization Code Grant.
type AuthorizedTokenIssuer ¶
type AuthorizedTokenIssuer struct {
// An array list of authorized audiences, or applications, that can consume the
// tokens generated by the associated trusted token issuer.
AuthorizedAudiences []string
// The ARN of the trusted token issuer.
TrustedTokenIssuerArn *string
// contains filtered or unexported fields
}
A structure that describes a trusted token issuer and associates it with a set of authorized audiences.
type ConflictException ¶
type ConflictException struct {
Message *string
ErrorCodeOverride *string
// contains filtered or unexported fields
}
Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.
func (*ConflictException) Error ¶
func (e *ConflictException) Error() string
func (*ConflictException) ErrorCode ¶
func (e *ConflictException) ErrorCode() string
func (*ConflictException) ErrorFault ¶
func (e *ConflictException) ErrorFault() smithy.ErrorFault
func (*ConflictException) ErrorMessage ¶
func (e *ConflictException) ErrorMessage() string
type CustomerManagedPolicyReference ¶
type CustomerManagedPolicyReference struct {
// The name of the IAM policy that you have configured in each account where you
// want to deploy your permission set.
//
// This member is required.
Name *string
// The path to the IAM policy that you have configured in each account where you
// want to deploy your permission set. The default is / . For more information, see [Friendly names and paths]
// in the IAM User Guide.
//
// [Friendly names and paths]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names
Path *string
// contains filtered or unexported fields
}
Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
type DisplayData ¶
type DisplayData struct {
// The description of the application provider that appears in the portal.
Description *string
// The name of the application provider that appears in the portal.
DisplayName *string
// A URL that points to an icon that represents the application provider.
IconUrl *string
// contains filtered or unexported fields
}
A structure that describes how the portal represents an application provider.
type FederationProtocol ¶
type FederationProtocol string
const ( FederationProtocolSaml FederationProtocol = "SAML" FederationProtocolOauth FederationProtocol = "OAUTH" )
Enum values for FederationProtocol
func (FederationProtocol) Values ¶
func (FederationProtocol) Values() []FederationProtocol
Values returns all known values for FederationProtocol. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type Grant ¶
type Grant interface {
// contains filtered or unexported methods
}
The Grant union represents the set of possible configuration options for the selected grant type. Exactly one member of the union must be specified, and must match the grant type selected.
The following types satisfy this interface:
GrantMemberAuthorizationCode GrantMemberJwtBearer GrantMemberRefreshToken GrantMemberTokenExchange
Example (OutputUsage) ¶
package main
import (
"e.coding.net/g-nnjn4981/aito/aws-sdk-go-v2/service/ssoadmin/types"
"fmt"
)
func main() {
var union types.Grant
// type switches can be used to check the union value
switch v := union.(type) {
case *types.GrantMemberAuthorizationCode:
_ = v.Value // Value is types.AuthorizationCodeGrant
case *types.GrantMemberJwtBearer:
_ = v.Value // Value is types.JwtBearerGrant
case *types.GrantMemberRefreshToken:
_ = v.Value // Value is types.RefreshTokenGrant
case *types.GrantMemberTokenExchange:
_ = v.Value // Value is types.TokenExchangeGrant
case *types.UnknownUnionMember:
fmt.Println("unknown tag:", v.Tag)
default:
fmt.Println("union is nil or unknown type")
}
}
Output:
type GrantItem ¶
type GrantItem struct {
// The configuration structure for the selected grant.
//
// This member is required.
Grant Grant
// The type of the selected grant.
//
// This member is required.
GrantType GrantType
// contains filtered or unexported fields
}
A structure that defines a single grant and its configuration.
type GrantMemberAuthorizationCode ¶
type GrantMemberAuthorizationCode struct {
Value AuthorizationCodeGrant
// contains filtered or unexported fields
}
Configuration options for the authorization_code grant type.
type GrantMemberJwtBearer ¶
type GrantMemberJwtBearer struct {
Value JwtBearerGrant
// contains filtered or unexported fields
}
Configuration options for the urn:ietf:params:oauth:grant-type:jwt-bearer grant type.
type GrantMemberRefreshToken ¶
type GrantMemberRefreshToken struct {
Value RefreshTokenGrant
// contains filtered or unexported fields
}
Configuration options for the refresh_token grant type.
type GrantMemberTokenExchange ¶
type GrantMemberTokenExchange struct {
Value TokenExchangeGrant
// contains filtered or unexported fields
}
Configuration options for the urn:ietf:params:oauth:grant-type:token-exchange grant type.
type GrantType ¶
type GrantType string
const ( GrantTypeAuthorizationCode GrantType = "authorization_code" GrantTypeRefreshToken GrantType = "refresh_token" GrantTypeJwtBearer GrantType = "urn:ietf:params:oauth:grant-type:jwt-bearer" GrantTypeTokenExchange GrantType = "urn:ietf:params:oauth:grant-type:token-exchange" )
Enum values for GrantType
type IamAuthenticationMethod ¶
type IamAuthenticationMethod struct {
// An IAM policy document in JSON.
//
// This member is required.
ActorPolicy document.Interface
// contains filtered or unexported fields
}
A structure that describes details for authentication that uses IAM.
type InstanceAccessControlAttributeConfiguration ¶
type InstanceAccessControlAttributeConfiguration struct {
// Lists the attributes that are configured for ABAC in the specified IAM Identity
// Center instance.
//
// This member is required.
AccessControlAttributes []AccessControlAttribute
// contains filtered or unexported fields
}
Specifies the attributes to add to your attribute-based access control (ABAC) configuration.
type InstanceAccessControlAttributeConfigurationStatus ¶
type InstanceAccessControlAttributeConfigurationStatus string
const ( InstanceAccessControlAttributeConfigurationStatusEnabled InstanceAccessControlAttributeConfigurationStatus = "ENABLED" InstanceAccessControlAttributeConfigurationStatusCreationInProgress InstanceAccessControlAttributeConfigurationStatus = "CREATION_IN_PROGRESS" InstanceAccessControlAttributeConfigurationStatusCreationFailed InstanceAccessControlAttributeConfigurationStatus = "CREATION_FAILED" )
Enum values for InstanceAccessControlAttributeConfigurationStatus
func (InstanceAccessControlAttributeConfigurationStatus) Values ¶
func (InstanceAccessControlAttributeConfigurationStatus) Values() []InstanceAccessControlAttributeConfigurationStatus
Values returns all known values for InstanceAccessControlAttributeConfigurationStatus. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type InstanceMetadata ¶
type InstanceMetadata struct {
// The date and time that the Identity Center instance was created.
CreatedDate *time.Time
// The identifier of the identity store that is connected to the Identity Center
// instance.
IdentityStoreId *string
// The ARN of the Identity Center instance under which the operation will be
// executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespacesin the Amazon Web Services
// General Reference.
InstanceArn *string
// The name of the Identity Center instance.
Name *string
// The Amazon Web Services account ID number of the owner of the Identity Center
// instance.
OwnerAccountId *string
// The current status of this Identity Center instance.
Status InstanceStatus
// contains filtered or unexported fields
}
Provides information about the IAM Identity Center instance.
type InstanceStatus ¶
type InstanceStatus string
const ( InstanceStatusCreateInProgress InstanceStatus = "CREATE_IN_PROGRESS" InstanceStatusDeleteInProgress InstanceStatus = "DELETE_IN_PROGRESS" InstanceStatusActive InstanceStatus = "ACTIVE" )
Enum values for InstanceStatus
func (InstanceStatus) Values ¶
func (InstanceStatus) Values() []InstanceStatus
Values returns all known values for InstanceStatus. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type InternalServerException ¶
type InternalServerException struct {
Message *string
ErrorCodeOverride *string
// contains filtered or unexported fields
}
The request processing has failed because of an unknown error, exception, or failure with an internal server.
func (*InternalServerException) Error ¶
func (e *InternalServerException) Error() string
func (*InternalServerException) ErrorCode ¶
func (e *InternalServerException) ErrorCode() string
func (*InternalServerException) ErrorFault ¶
func (e *InternalServerException) ErrorFault() smithy.ErrorFault
func (*InternalServerException) ErrorMessage ¶
func (e *InternalServerException) ErrorMessage() string
type JwksRetrievalOption ¶
type JwksRetrievalOption string
const (
JwksRetrievalOptionOpenIdDiscovery JwksRetrievalOption = "OPEN_ID_DISCOVERY"
)
Enum values for JwksRetrievalOption
func (JwksRetrievalOption) Values ¶
func (JwksRetrievalOption) Values() []JwksRetrievalOption
Values returns all known values for JwksRetrievalOption. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type JwtBearerGrant ¶
type JwtBearerGrant struct {
// A list of allowed token issuers trusted by the Identity Center instances for
// this application.
AuthorizedTokenIssuers []AuthorizedTokenIssuer
// contains filtered or unexported fields
}
A structure that defines configuration settings for an application that supports the JWT Bearer Token Authorization Grant.
type ListAccountAssignmentsFilter ¶
type ListAccountAssignmentsFilter struct {
// The ID number of an Amazon Web Services account that filters the results in the
// response.
AccountId *string
// contains filtered or unexported fields
}
A structure that describes a filter for account assignments.
type ListApplicationAssignmentsFilter ¶
type ListApplicationAssignmentsFilter struct {
// The ARN of an application.
ApplicationArn *string
// contains filtered or unexported fields
}
A structure that describes a filter for application assignments.
type ListApplicationsFilter ¶
type ListApplicationsFilter struct {
// An Amazon Web Services account ID number that filters the results in the
// response.
ApplicationAccount *string
// The ARN of an application provider that can filter the results in the response.
ApplicationProvider *string
// contains filtered or unexported fields
}
A structure that describes a filter for applications.
type OidcJwtConfiguration ¶
type OidcJwtConfiguration struct {
// The path of the source attribute in the JWT from the trusted token issuer. The
// attribute mapped by this JMESPath expression is compared against the attribute
// mapped by IdentityStoreAttributePath when a trusted token issuer token is
// exchanged for an IAM Identity Center token.
//
// This member is required.
ClaimAttributePath *string
// The path of the destination attribute in a JWT from IAM Identity Center. The
// attribute mapped by this JMESPath expression is compared against the attribute
// mapped by ClaimAttributePath when a trusted token issuer token is exchanged for
// an IAM Identity Center token.
//
// This member is required.
IdentityStoreAttributePath *string
// The URL that IAM Identity Center uses for OpenID Discovery. OpenID Discovery is
// used to obtain the information required to verify the tokens that the trusted
// token issuer generates.
//
// This member is required.
IssuerUrl *string
// The method that the trusted token issuer can use to retrieve the JSON Web Key
// Set used to verify a JWT.
//
// This member is required.
JwksRetrievalOption JwksRetrievalOption
// contains filtered or unexported fields
}
A structure that describes configuration settings for a trusted token issuer that supports OpenID Connect (OIDC) and JSON Web Tokens (JWTs).
type OidcJwtUpdateConfiguration ¶
type OidcJwtUpdateConfiguration struct {
// The path of the source attribute in the JWT from the trusted token issuer. The
// attribute mapped by this JMESPath expression is compared against the attribute
// mapped by IdentityStoreAttributePath when a trusted token issuer token is
// exchanged for an IAM Identity Center token.
ClaimAttributePath *string
// The path of the destination attribute in a JWT from IAM Identity Center. The
// attribute mapped by this JMESPath expression is compared against the attribute
// mapped by ClaimAttributePath when a trusted token issuer token is exchanged for
// an IAM Identity Center token.
IdentityStoreAttributePath *string
// The method that the trusted token issuer can use to retrieve the JSON Web Key
// Set used to verify a JWT.
JwksRetrievalOption JwksRetrievalOption
// contains filtered or unexported fields
}
A structure that describes updated configuration settings for a trusted token issuer that supports OpenID Connect (OIDC) and JSON Web Tokens (JWTs).
type OperationStatusFilter ¶
type OperationStatusFilter struct {
// Filters the list operations result based on the status attribute.
Status StatusValues
// contains filtered or unexported fields
}
Filters the operation status list based on the passed attribute value.
type PermissionSet ¶
type PermissionSet struct {
// The date that the permission set was created.
CreatedDate *time.Time
// The description of the PermissionSet.
Description *string
// The name of the permission set.
Name *string
// The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the
// Amazon Web Services General Reference.
PermissionSetArn *string
// Used to redirect users within the application during the federation
// authentication process.
RelayState *string
// The length of time that the application user sessions are valid for in the
// ISO-8601 standard.
SessionDuration *string
// contains filtered or unexported fields
}
An entity that contains IAM policies.
type PermissionSetProvisioningStatus ¶
type PermissionSetProvisioningStatus struct {
// The identifier of the Amazon Web Services account from which to list the
// assignments.
AccountId *string
// The date that the permission set was created.
CreatedDate *time.Time
// The message that contains an error or exception in case of an operation failure.
FailureReason *string
// The ARN of the permission set that is being provisioned. For more information
// about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespacesin the Amazon Web Services General Reference.
PermissionSetArn *string
// The identifier for tracking the request operation that is generated by the
// universally unique identifier (UUID) workflow.
RequestId *string
// The status of the permission set provisioning process.
Status StatusValues
// contains filtered or unexported fields
}
A structure that is used to provide the status of the provisioning operation for a specified permission set.
type PermissionSetProvisioningStatusMetadata ¶
type PermissionSetProvisioningStatusMetadata struct {
// The date that the permission set was created.
CreatedDate *time.Time
// The identifier for tracking the request operation that is generated by the
// universally unique identifier (UUID) workflow.
RequestId *string
// The status of the permission set provisioning process.
Status StatusValues
// contains filtered or unexported fields
}
Provides information about the permission set provisioning status.
type PermissionsBoundary ¶
type PermissionsBoundary struct {
// Specifies the name and path of a customer managed policy. You must have an IAM
// policy that matches the name and path in each Amazon Web Services account where
// you want to deploy your permission set.
CustomerManagedPolicyReference *CustomerManagedPolicyReference
// The Amazon Web Services managed policy ARN that you want to attach to a
// permission set as a permissions boundary.
ManagedPolicyArn *string
// contains filtered or unexported fields
}
Specifies the configuration of the Amazon Web Services managed or customer managed policy that you want to set as a permissions boundary. Specify either CustomerManagedPolicyReference to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an Amazon Web Services managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entitiesin the IAM User Guide.
Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logicin the IAM User Guide.
type PortalOptions ¶
type PortalOptions struct {
// A structure that describes the sign-in options for the access portal.
SignInOptions *SignInOptions
// Indicates whether this application is visible in the access portal.
Visibility ApplicationVisibility
// contains filtered or unexported fields
}
A structure that describes the options for the access portal associated with an application.
type PrincipalType ¶
type PrincipalType string
const ( PrincipalTypeUser PrincipalType = "USER" PrincipalTypeGroup PrincipalType = "GROUP" )
Enum values for PrincipalType
func (PrincipalType) Values ¶
func (PrincipalType) Values() []PrincipalType
Values returns all known values for PrincipalType. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type ProvisionTargetType ¶
type ProvisionTargetType string
const ( ProvisionTargetTypeAwsAccount ProvisionTargetType = "AWS_ACCOUNT" ProvisionTargetTypeAllProvisionedAccounts ProvisionTargetType = "ALL_PROVISIONED_ACCOUNTS" )
Enum values for ProvisionTargetType
func (ProvisionTargetType) Values ¶
func (ProvisionTargetType) Values() []ProvisionTargetType
Values returns all known values for ProvisionTargetType. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type ProvisioningStatus ¶
type ProvisioningStatus string
const ( ProvisioningStatusLatestPermissionSetProvisioned ProvisioningStatus = "LATEST_PERMISSION_SET_PROVISIONED" ProvisioningStatusLatestPermissionSetNotProvisioned ProvisioningStatus = "LATEST_PERMISSION_SET_NOT_PROVISIONED" )
Enum values for ProvisioningStatus
func (ProvisioningStatus) Values ¶
func (ProvisioningStatus) Values() []ProvisioningStatus
Values returns all known values for ProvisioningStatus. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type RefreshTokenGrant ¶
type RefreshTokenGrant struct {
// contains filtered or unexported fields
}
A structure that defines configuration settings for an application that supports the OAuth 2.0 Refresh Token Grant.
type ResourceNotFoundException ¶
type ResourceNotFoundException struct {
Message *string
ErrorCodeOverride *string
// contains filtered or unexported fields
}
Indicates that a requested resource is not found.
func (*ResourceNotFoundException) Error ¶
func (e *ResourceNotFoundException) Error() string
func (*ResourceNotFoundException) ErrorCode ¶
func (e *ResourceNotFoundException) ErrorCode() string
func (*ResourceNotFoundException) ErrorFault ¶
func (e *ResourceNotFoundException) ErrorFault() smithy.ErrorFault
func (*ResourceNotFoundException) ErrorMessage ¶
func (e *ResourceNotFoundException) ErrorMessage() string
type ResourceServerConfig ¶
type ResourceServerConfig struct {
// A list of the IAM Identity Center access scopes that are associated with this
// resource server.
Scopes map[string]ResourceServerScopeDetails
// contains filtered or unexported fields
}
A structure that describes the configuration of a resource server.
type ResourceServerScopeDetails ¶
type ResourceServerScopeDetails struct {
// The title of an access scope for a resource server.
DetailedTitle *string
// The description of an access scope for a resource server.
LongDescription *string
// contains filtered or unexported fields
}
A structure that describes details for an IAM Identity Center access scope that is associated with a resource server.
type ScopeDetails ¶
type ScopeDetails struct {
// The name of the access scope.
//
// This member is required.
Scope *string
// An array list of ARNs of applications.
AuthorizedTargets []string
// contains filtered or unexported fields
}
A structure that describes an IAM Identity Center access scope and its authorized targets.
type ServiceQuotaExceededException ¶
type ServiceQuotaExceededException struct {
Message *string
ErrorCodeOverride *string
// contains filtered or unexported fields
}
Indicates that the principal has crossed the permitted number of resources that can be created.
func (*ServiceQuotaExceededException) Error ¶
func (e *ServiceQuotaExceededException) Error() string
func (*ServiceQuotaExceededException) ErrorCode ¶
func (e *ServiceQuotaExceededException) ErrorCode() string
func (*ServiceQuotaExceededException) ErrorFault ¶
func (e *ServiceQuotaExceededException) ErrorFault() smithy.ErrorFault
func (*ServiceQuotaExceededException) ErrorMessage ¶
func (e *ServiceQuotaExceededException) ErrorMessage() string
type SignInOptions ¶
type SignInOptions struct {
// This determines how IAM Identity Center navigates the user to the target
// application. It can be one of the following values:
//
// - APPLICATION : IAM Identity Center redirects the customer to the configured
// ApplicationUrl .
//
// - IDENTITY_CENTER : IAM Identity Center uses SAML identity-provider initiated
// authentication to sign the customer directly into a SAML-based application.
//
// This member is required.
Origin SignInOrigin
// The URL that accepts authentication requests for an application. This is a
// required parameter if the Origin parameter is APPLICATION .
ApplicationUrl *string
// contains filtered or unexported fields
}
A structure that describes the sign-in options for an application portal.
type SignInOrigin ¶
type SignInOrigin string
const ( SignInOriginIdentityCenter SignInOrigin = "IDENTITY_CENTER" SignInOriginApplication SignInOrigin = "APPLICATION" )
Enum values for SignInOrigin
func (SignInOrigin) Values ¶
func (SignInOrigin) Values() []SignInOrigin
Values returns all known values for SignInOrigin. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type StatusValues ¶
type StatusValues string
const ( StatusValuesInProgress StatusValues = "IN_PROGRESS" StatusValuesFailed StatusValues = "FAILED" StatusValuesSucceeded StatusValues = "SUCCEEDED" )
Enum values for StatusValues
func (StatusValues) Values ¶
func (StatusValues) Values() []StatusValues
Values returns all known values for StatusValues. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type Tag ¶
type Tag struct {
// The key for the tag.
//
// This member is required.
Key *string
// The value of the tag.
//
// This member is required.
Value *string
// contains filtered or unexported fields
}
A set of key-value pairs that are used to manage the resource. Tags can only be applied to permission sets and cannot be applied to corresponding roles that IAM Identity Center creates in Amazon Web Services accounts.
type TargetType ¶
type TargetType string
const (
TargetTypeAwsAccount TargetType = "AWS_ACCOUNT"
)
Enum values for TargetType
func (TargetType) Values ¶
func (TargetType) Values() []TargetType
Values returns all known values for TargetType. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type ThrottlingException ¶
type ThrottlingException struct {
Message *string
ErrorCodeOverride *string
// contains filtered or unexported fields
}
Indicates that the principal has crossed the throttling limits of the API operations.
func (*ThrottlingException) Error ¶
func (e *ThrottlingException) Error() string
func (*ThrottlingException) ErrorCode ¶
func (e *ThrottlingException) ErrorCode() string
func (*ThrottlingException) ErrorFault ¶
func (e *ThrottlingException) ErrorFault() smithy.ErrorFault
func (*ThrottlingException) ErrorMessage ¶
func (e *ThrottlingException) ErrorMessage() string
type TokenExchangeGrant ¶
type TokenExchangeGrant struct {
// contains filtered or unexported fields
}
A structure that defines configuration settings for an application that supports the OAuth 2.0 Token Exchange Grant.
type TrustedTokenIssuerConfiguration ¶
type TrustedTokenIssuerConfiguration interface {
// contains filtered or unexported methods
}
A structure that describes the configuration of a trusted token issuer. The structure and available settings are determined by the type of the trusted token issuer.
The following types satisfy this interface:
TrustedTokenIssuerConfigurationMemberOidcJwtConfiguration
Example (OutputUsage) ¶
package main
import (
"e.coding.net/g-nnjn4981/aito/aws-sdk-go-v2/service/ssoadmin/types"
"fmt"
)
func main() {
var union types.TrustedTokenIssuerConfiguration
// type switches can be used to check the union value
switch v := union.(type) {
case *types.TrustedTokenIssuerConfigurationMemberOidcJwtConfiguration:
_ = v.Value // Value is types.OidcJwtConfiguration
case *types.UnknownUnionMember:
fmt.Println("unknown tag:", v.Tag)
default:
fmt.Println("union is nil or unknown type")
}
}
Output:
type TrustedTokenIssuerConfigurationMemberOidcJwtConfiguration ¶
type TrustedTokenIssuerConfigurationMemberOidcJwtConfiguration struct {
Value OidcJwtConfiguration
// contains filtered or unexported fields
}
A structure that describes the settings for a trusted token issuer that works with OpenID Connect (OIDC) by using JSON Web Tokens (JWT).
type TrustedTokenIssuerMetadata ¶
type TrustedTokenIssuerMetadata struct {
// The name of the trusted token issuer configuration in the instance of IAM
// Identity Center.
Name *string
// The ARN of the trusted token issuer configuration in the instance of IAM
// Identity Center.
TrustedTokenIssuerArn *string
// The type of trusted token issuer.
TrustedTokenIssuerType TrustedTokenIssuerType
// contains filtered or unexported fields
}
A structure that describes a trusted token issuer.
type TrustedTokenIssuerType ¶
type TrustedTokenIssuerType string
const (
TrustedTokenIssuerTypeOidcJwt TrustedTokenIssuerType = "OIDC_JWT"
)
Enum values for TrustedTokenIssuerType
func (TrustedTokenIssuerType) Values ¶
func (TrustedTokenIssuerType) Values() []TrustedTokenIssuerType
Values returns all known values for TrustedTokenIssuerType. Note that this can be expanded in the future, and so it is only as up to date as the client.
The ordering of this slice is not guaranteed to be stable across updates.
type TrustedTokenIssuerUpdateConfiguration ¶
type TrustedTokenIssuerUpdateConfiguration interface {
// contains filtered or unexported methods
}
A structure that contains details to be updated for a trusted token issuer configuration. The structure and settings that you can include depend on the type of the trusted token issuer being updated.
The following types satisfy this interface:
TrustedTokenIssuerUpdateConfigurationMemberOidcJwtConfiguration
Example (OutputUsage) ¶
package main
import (
"e.coding.net/g-nnjn4981/aito/aws-sdk-go-v2/service/ssoadmin/types"
"fmt"
)
func main() {
var union types.TrustedTokenIssuerUpdateConfiguration
// type switches can be used to check the union value
switch v := union.(type) {
case *types.TrustedTokenIssuerUpdateConfigurationMemberOidcJwtConfiguration:
_ = v.Value // Value is types.OidcJwtUpdateConfiguration
case *types.UnknownUnionMember:
fmt.Println("unknown tag:", v.Tag)
default:
fmt.Println("union is nil or unknown type")
}
}
Output:
type TrustedTokenIssuerUpdateConfigurationMemberOidcJwtConfiguration ¶
type TrustedTokenIssuerUpdateConfigurationMemberOidcJwtConfiguration struct {
Value OidcJwtUpdateConfiguration
// contains filtered or unexported fields
}
A structure that describes an updated configuration for a trusted token issuer that uses OpenID Connect (OIDC) with JSON web tokens (JWT).
type UnknownUnionMember ¶
type UnknownUnionMember struct {
Tag string
Value []byte
// contains filtered or unexported fields
}
UnknownUnionMember is returned when a union member is returned over the wire, but has an unknown tag.
type UpdateApplicationPortalOptions ¶
type UpdateApplicationPortalOptions struct {
// A structure that describes the sign-in options for an application portal.
SignInOptions *SignInOptions
// contains filtered or unexported fields
}
A structure that describes the options for the access portal associated with an application that can be updated.
type ValidationException ¶
type ValidationException struct {
Message *string
ErrorCodeOverride *string
// contains filtered or unexported fields
}
The request failed because it contains a syntax error.
func (*ValidationException) Error ¶
func (e *ValidationException) Error() string
func (*ValidationException) ErrorCode ¶
func (e *ValidationException) ErrorCode() string
func (*ValidationException) ErrorFault ¶
func (e *ValidationException) ErrorFault() smithy.ErrorFault
func (*ValidationException) ErrorMessage ¶
func (e *ValidationException) ErrorMessage() string
Source Files