awssso

package
v2.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 17, 2022 License: Apache-2.0 Imports: 6 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CfnAssignment_CFN_RESOURCE_TYPE_NAME 

func CfnAssignment_CFN_RESOURCE_TYPE_NAME() *string

func CfnAssignment_IsCfnElement 

func CfnAssignment_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnAssignment_IsCfnResource 

func CfnAssignment_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnAssignment_IsConstruct 

func CfnAssignment_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnInstanceAccessControlAttributeConfiguration_CFN_RESOURCE_TYPE_NAME 

func CfnInstanceAccessControlAttributeConfiguration_CFN_RESOURCE_TYPE_NAME() *string

func CfnInstanceAccessControlAttributeConfiguration_IsCfnElement 

func CfnInstanceAccessControlAttributeConfiguration_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnInstanceAccessControlAttributeConfiguration_IsCfnResource 

func CfnInstanceAccessControlAttributeConfiguration_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnInstanceAccessControlAttributeConfiguration_IsConstruct 

func CfnInstanceAccessControlAttributeConfiguration_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnPermissionSet_CFN_RESOURCE_TYPE_NAME 

func CfnPermissionSet_CFN_RESOURCE_TYPE_NAME() *string

func CfnPermissionSet_IsCfnElement 

func CfnPermissionSet_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnPermissionSet_IsCfnResource 

func CfnPermissionSet_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnPermissionSet_IsConstruct 

func CfnPermissionSet_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func NewCfnAssignment_Override 

func NewCfnAssignment_Override(c CfnAssignment, scope constructs.Construct, id *string, props *CfnAssignmentProps)

Create a new `AWS::SSO::Assignment`.

func NewCfnInstanceAccessControlAttributeConfiguration_Override 

func NewCfnInstanceAccessControlAttributeConfiguration_Override(c CfnInstanceAccessControlAttributeConfiguration, scope constructs.Construct, id *string, props *CfnInstanceAccessControlAttributeConfigurationProps)

Create a new `AWS::SSO::InstanceAccessControlAttributeConfiguration`.

func NewCfnPermissionSet_Override 

func NewCfnPermissionSet_Override(c CfnPermissionSet, scope constructs.Construct, id *string, props *CfnPermissionSetProps)

Create a new `AWS::SSO::PermissionSet`.

Types

type CfnAssignment 

type CfnAssignment interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	InstanceArn() *string
	SetInstanceArn(val *string)
	LogicalId() *string
	Node() constructs.Node
	PermissionSetArn() *string
	SetPermissionSetArn(val *string)
	PrincipalId() *string
	SetPrincipalId(val *string)
	PrincipalType() *string
	SetPrincipalType(val *string)
	Ref() *string
	Stack() awscdk.Stack
	TargetId() *string
	SetTargetId(val *string)
	TargetType() *string
	SetTargetType(val *string)
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSO::Assignment`.

Assigns access to a Principal for a specified AWS account using a specified permission set.

> The term *principal* here refers to a user or group that is defined in AWS SSO .

TODO: EXAMPLE

func NewCfnAssignment 

func NewCfnAssignment(scope constructs.Construct, id *string, props *CfnAssignmentProps) CfnAssignment

Create a new `AWS::SSO::Assignment`.

type CfnAssignmentProps 

type CfnAssignmentProps struct {
	// The ARN of the SSO instance under which the operation will be executed.
	//
	// For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .
	InstanceArn *string `json:"instanceArn" yaml:"instanceArn"`
	// The ARN of the permission set.
	PermissionSetArn *string `json:"permissionSetArn" yaml:"permissionSetArn"`
	// An identifier for an object in AWS SSO , such as a user or group.
	//
	// PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in AWS SSO , see the [AWS SSO Identity Store API Reference](https://docs.aws.amazon.com//singlesignon/latest/IdentityStoreAPIReference/welcome.html) .
	PrincipalId *string `json:"principalId" yaml:"principalId"`
	// The entity type for which the assignment will be created.
	PrincipalType *string `json:"principalType" yaml:"principalType"`
	// TargetID is an AWS account identifier, typically a 10-12 digit string (For example, 123456789012).
	TargetId *string `json:"targetId" yaml:"targetId"`
	// The entity type for which the assignment will be created.
	TargetType *string `json:"targetType" yaml:"targetType"`
}

Properties for defining a `CfnAssignment`.

TODO: EXAMPLE

type CfnInstanceAccessControlAttributeConfiguration 

type CfnInstanceAccessControlAttributeConfiguration interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AccessControlAttributes() interface{}
	SetAccessControlAttributes(val interface{})
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	InstanceArn() *string
	SetInstanceArn(val *string)
	LogicalId() *string
	Node() constructs.Node
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSO::InstanceAccessControlAttributeConfiguration`.

Enables the attribute-based access control (ABAC) feature for the specified AWS SSO instance. You can also specify new attributes to add to your ABAC configuration during the enabling process. For more information about ABAC, see [Attribute-Based Access Control](https://docs.aws.amazon.com//singlesignon/latest/userguide/abac.html) in the *AWS SSO User Guide* .

> The `InstanceAccessControlAttributeConfiguration` property has been deprecated but is still supported for backwards compatibility purposes. We recommend that you use the `AccessControlAttributes` property instead.

TODO: EXAMPLE

func NewCfnInstanceAccessControlAttributeConfiguration 

func NewCfnInstanceAccessControlAttributeConfiguration(scope constructs.Construct, id *string, props *CfnInstanceAccessControlAttributeConfigurationProps) CfnInstanceAccessControlAttributeConfiguration

Create a new `AWS::SSO::InstanceAccessControlAttributeConfiguration`.

type CfnInstanceAccessControlAttributeConfigurationProps 

type CfnInstanceAccessControlAttributeConfigurationProps struct {
	// The ARN of the AWS SSO instance under which the operation will be executed.
	InstanceArn *string `json:"instanceArn" yaml:"instanceArn"`
	// Lists the attributes that are configured for ABAC in the specified AWS SSO instance.
	AccessControlAttributes interface{} `json:"accessControlAttributes" yaml:"accessControlAttributes"`
}

Properties for defining a `CfnInstanceAccessControlAttributeConfiguration`.

TODO: EXAMPLE

type CfnInstanceAccessControlAttributeConfiguration_AccessControlAttributeProperty 

type CfnInstanceAccessControlAttributeConfiguration_AccessControlAttributeProperty struct {
	// The name of the attribute associated with your identities in your identity source.
	//
	// This is used to map a specified attribute in your identity source with an attribute in AWS SSO .
	Key *string `json:"key" yaml:"key"`
	// The value used for mapping a specified attribute to an identity source.
	Value interface{} `json:"value" yaml:"value"`
}

These are AWS SSO identity store attributes that you can configure for use in attributes-based access control (ABAC).

You can create permissions policies that determine who can access your AWS resources based upon the configured attribute values. When you enable ABAC and specify `AccessControlAttributes` , AWS SSO passes the attribute values of the authenticated user into IAM for use in policy evaluation.

TODO: EXAMPLE

type CfnInstanceAccessControlAttributeConfiguration_AccessControlAttributeValueProperty 

type CfnInstanceAccessControlAttributeConfiguration_AccessControlAttributeValueProperty struct {
	// The identity source to use when mapping a specified attribute to AWS SSO .
	Source *[]*string `json:"source" yaml:"source"`
}

The value used for mapping a specified attribute to an identity source.

TODO: EXAMPLE

type CfnPermissionSet 

type CfnPermissionSet interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrPermissionSetArn() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	Description() *string
	SetDescription(val *string)
	InlinePolicy() interface{}
	SetInlinePolicy(val interface{})
	InstanceArn() *string
	SetInstanceArn(val *string)
	LogicalId() *string
	ManagedPolicies() *[]*string
	SetManagedPolicies(val *[]*string)
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	Ref() *string
	RelayStateType() *string
	SetRelayStateType(val *string)
	SessionDuration() *string
	SetSessionDuration(val *string)
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSO::PermissionSet`.

Specifies a permission set within a specified SSO instance.

TODO: EXAMPLE

func NewCfnPermissionSet 

func NewCfnPermissionSet(scope constructs.Construct, id *string, props *CfnPermissionSetProps) CfnPermissionSet

Create a new `AWS::SSO::PermissionSet`.

type CfnPermissionSetProps 

type CfnPermissionSetProps struct {
	// The ARN of the SSO instance under which the operation will be executed.
	//
	// For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .
	InstanceArn *string `json:"instanceArn" yaml:"instanceArn"`
	// The name of the permission set.
	Name *string `json:"name" yaml:"name"`
	// The description of the `PermissionSet` .
	Description *string `json:"description" yaml:"description"`
	// The IAM inline policy that is attached to the permission set.
	InlinePolicy interface{} `json:"inlinePolicy" yaml:"inlinePolicy"`
	// A structure that stores the details of the IAM managed policy.
	ManagedPolicies *[]*string `json:"managedPolicies" yaml:"managedPolicies"`
	// Used to redirect users within the application during the federation authentication process.
	RelayStateType *string `json:"relayStateType" yaml:"relayStateType"`
	// The length of time that the application user sessions are valid for in the ISO-8601 standard.
	SessionDuration *string `json:"sessionDuration" yaml:"sessionDuration"`
	// The tags to attach to the new `PermissionSet` .
	Tags *[]*awscdk.CfnTag `json:"tags" yaml:"tags"`
}

Properties for defining a `CfnPermissionSet`.

TODO: EXAMPLE

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.