ssoadmin

package module
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 31, 2020 License: Apache-2.0 Imports: 26 Imported by: 50

Documentation

Overview

Package ssoadmin provides the API client, operations, and parameter types for AWS Single Sign-On Admin.

Index

Constants

View Source 
const ServiceAPIVersion = "2020-07-20"
View Source 
const ServiceID = "SSO Admin"

Variables

This section is empty.

Functions

func NewDefaultEndpointResolver 

func NewDefaultEndpointResolver() *internalendpoints.Resolver

NewDefaultEndpointResolver constructs a new service endpoint resolver

Types

type AttachManagedPolicyToPermissionSetInput 

type AttachManagedPolicyToPermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The IAM managed policy ARN to be attached to a permission set.
	//
	// This member is required.
	ManagedPolicyArn *string

	// The ARN of the PermissionSet that the managed policy should be attached to.
	//
	// This member is required.
	PermissionSetArn *string
}

type AttachManagedPolicyToPermissionSetOutput 

type AttachManagedPolicyToPermissionSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client provides the API client to make operations call for AWS Single Sign-On Admin.

func New 

func New(options Options, optFns ...func(*Options)) *Client

New returns an initialized Client based on the functional options. Provide additional functional options to further configure the behavior of the client, such as changing the client's endpoint or adding custom middleware behavior.

func NewFromConfig 

func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client

NewFromConfig returns a new client from the provided config.

func (*Client) AttachManagedPolicyToPermissionSet 

func (c *Client) AttachManagedPolicyToPermissionSet(ctx context.Context, params *AttachManagedPolicyToPermissionSetInput, optFns ...func(*Options)) (*AttachManagedPolicyToPermissionSetOutput, error)

Attaches an IAM managed policy ARN to a permission set. If the permission set is already referenced by one or more account assignments, you will need to call ProvisionPermissionSet after this action to apply the corresponding IAM policy updates to all assigned accounts.

func (*Client) CreateAccountAssignment 

func (c *Client) CreateAccountAssignment(ctx context.Context, params *CreateAccountAssignmentInput, optFns ...func(*Options)) (*CreateAccountAssignmentOutput, error)

Assigns access to a principal for a specified AWS account using a specified permission set. The term principal here refers to a user or group that is defined in AWS SSO. As part of a successful CreateAccountAssignment call, the specified permission set will automatically be provisioned to the account in the form of an IAM policy attached to the SSO-created IAM role. If the permission set is subsequently updated, the corresponding IAM policies attached to roles in your accounts will not be updated automatically. In this case, you will need to call ProvisionPermissionSet to make these updates.

func (*Client) CreatePermissionSet 

func (c *Client) CreatePermissionSet(ctx context.Context, params *CreatePermissionSetInput, optFns ...func(*Options)) (*CreatePermissionSetOutput, error)

Creates a permission set within a specified SSO instance. To grant users and groups access to AWS account resources, use CreateAccountAssignment.

func (*Client) DeleteAccountAssignment 

func (c *Client) DeleteAccountAssignment(ctx context.Context, params *DeleteAccountAssignmentInput, optFns ...func(*Options)) (*DeleteAccountAssignmentOutput, error)

Deletes a principal's access from a specified AWS account using a specified permission set.

func (*Client) DeleteInlinePolicyFromPermissionSet 

func (c *Client) DeleteInlinePolicyFromPermissionSet(ctx context.Context, params *DeleteInlinePolicyFromPermissionSetInput, optFns ...func(*Options)) (*DeleteInlinePolicyFromPermissionSetOutput, error)

Deletes the inline policy from a specified permission set.

func (*Client) DeletePermissionSet 

func (c *Client) DeletePermissionSet(ctx context.Context, params *DeletePermissionSetInput, optFns ...func(*Options)) (*DeletePermissionSetOutput, error)

Deletes the specified permission set.

func (*Client) DescribeAccountAssignmentCreationStatus 

func (c *Client) DescribeAccountAssignmentCreationStatus(ctx context.Context, params *DescribeAccountAssignmentCreationStatusInput, optFns ...func(*Options)) (*DescribeAccountAssignmentCreationStatusOutput, error)

Describes the status of the assignment creation request.

func (*Client) DescribeAccountAssignmentDeletionStatus 

func (c *Client) DescribeAccountAssignmentDeletionStatus(ctx context.Context, params *DescribeAccountAssignmentDeletionStatusInput, optFns ...func(*Options)) (*DescribeAccountAssignmentDeletionStatusOutput, error)

Describes the status of the assignment deletion request.

func (*Client) DescribePermissionSet 

func (c *Client) DescribePermissionSet(ctx context.Context, params *DescribePermissionSetInput, optFns ...func(*Options)) (*DescribePermissionSetOutput, error)

Gets the details of the permission set.

func (*Client) DescribePermissionSetProvisioningStatus 

func (c *Client) DescribePermissionSetProvisioningStatus(ctx context.Context, params *DescribePermissionSetProvisioningStatusInput, optFns ...func(*Options)) (*DescribePermissionSetProvisioningStatusOutput, error)

Describes the status for the given permission set provisioning request.

func (*Client) DetachManagedPolicyFromPermissionSet 

func (c *Client) DetachManagedPolicyFromPermissionSet(ctx context.Context, params *DetachManagedPolicyFromPermissionSetInput, optFns ...func(*Options)) (*DetachManagedPolicyFromPermissionSetOutput, error)

Detaches the attached IAM managed policy ARN from the specified permission set.

func (*Client) GetInlinePolicyForPermissionSet 

func (c *Client) GetInlinePolicyForPermissionSet(ctx context.Context, params *GetInlinePolicyForPermissionSetInput, optFns ...func(*Options)) (*GetInlinePolicyForPermissionSetOutput, error)

Obtains the inline policy assigned to the permission set.

func (*Client) ListAccountAssignmentCreationStatus 

func (c *Client) ListAccountAssignmentCreationStatus(ctx context.Context, params *ListAccountAssignmentCreationStatusInput, optFns ...func(*Options)) (*ListAccountAssignmentCreationStatusOutput, error)

Lists the status of the AWS account assignment creation requests for a specified SSO instance.

func (*Client) ListAccountAssignmentDeletionStatus 

func (c *Client) ListAccountAssignmentDeletionStatus(ctx context.Context, params *ListAccountAssignmentDeletionStatusInput, optFns ...func(*Options)) (*ListAccountAssignmentDeletionStatusOutput, error)

Lists the status of the AWS account assignment deletion requests for a specified SSO instance.

func (*Client) ListAccountAssignments 

func (c *Client) ListAccountAssignments(ctx context.Context, params *ListAccountAssignmentsInput, optFns ...func(*Options)) (*ListAccountAssignmentsOutput, error)

Lists the assignee of the specified AWS account with the specified permission set.

func (*Client) ListAccountsForProvisionedPermissionSet 

func (c *Client) ListAccountsForProvisionedPermissionSet(ctx context.Context, params *ListAccountsForProvisionedPermissionSetInput, optFns ...func(*Options)) (*ListAccountsForProvisionedPermissionSetOutput, error)

Lists all the AWS accounts where the specified permission set is provisioned.

func (*Client) ListInstances 

func (c *Client) ListInstances(ctx context.Context, params *ListInstancesInput, optFns ...func(*Options)) (*ListInstancesOutput, error)

Lists the SSO instances that the caller has access to.

func (*Client) ListManagedPoliciesInPermissionSet 

func (c *Client) ListManagedPoliciesInPermissionSet(ctx context.Context, params *ListManagedPoliciesInPermissionSetInput, optFns ...func(*Options)) (*ListManagedPoliciesInPermissionSetOutput, error)

Lists the IAM managed policy that is attached to a specified permission set.

func (*Client) ListPermissionSetProvisioningStatus 

func (c *Client) ListPermissionSetProvisioningStatus(ctx context.Context, params *ListPermissionSetProvisioningStatusInput, optFns ...func(*Options)) (*ListPermissionSetProvisioningStatusOutput, error)

Lists the status of the permission set provisioning requests for a specified SSO instance.

func (*Client) ListPermissionSets 

func (c *Client) ListPermissionSets(ctx context.Context, params *ListPermissionSetsInput, optFns ...func(*Options)) (*ListPermissionSetsOutput, error)

Lists the PermissionSets in an SSO instance.

func (*Client) ListPermissionSetsProvisionedToAccount 

func (c *Client) ListPermissionSetsProvisionedToAccount(ctx context.Context, params *ListPermissionSetsProvisionedToAccountInput, optFns ...func(*Options)) (*ListPermissionSetsProvisionedToAccountOutput, error)

Lists all the permission sets that are provisioned to a specified AWS account.

func (*Client) ListTagsForResource 

func (c *Client) ListTagsForResource(ctx context.Context, params *ListTagsForResourceInput, optFns ...func(*Options)) (*ListTagsForResourceOutput, error)

Lists the tags that are attached to a specified resource.

func (*Client) ProvisionPermissionSet 

func (c *Client) ProvisionPermissionSet(ctx context.Context, params *ProvisionPermissionSetInput, optFns ...func(*Options)) (*ProvisionPermissionSetOutput, error)

The process by which a specified permission set is provisioned to the specified target.

func (*Client) PutInlinePolicyToPermissionSet 

func (c *Client) PutInlinePolicyToPermissionSet(ctx context.Context, params *PutInlinePolicyToPermissionSetInput, optFns ...func(*Options)) (*PutInlinePolicyToPermissionSetOutput, error)

Attaches an IAM inline policy to a permission set. If the permission set is already referenced by one or more account assignments, you will need to call ProvisionPermissionSet after this action to apply the corresponding IAM policy updates to all assigned accounts.

func (*Client) TagResource 

func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error)

Associates a set of tags with a specified resource.

func (*Client) UntagResource 

func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, optFns ...func(*Options)) (*UntagResourceOutput, error)

Disassociates a set of tags from a specified resource.

func (*Client) UpdatePermissionSet 

func (c *Client) UpdatePermissionSet(ctx context.Context, params *UpdatePermissionSetInput, optFns ...func(*Options)) (*UpdatePermissionSetOutput, error)

Updates an existing permission set.

type CreateAccountAssignmentInput 

type CreateAccountAssignmentInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set that the admin wants to grant the principal access
	// to.
	//
	// This member is required.
	PermissionSetArn *string

	// An identifier for an object in AWS SSO, such as a user or group. PrincipalIds
	// are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more
	// information about PrincipalIds in AWS SSO, see the AWS SSO Identity Store API
	// Reference.
	//
	// This member is required.
	PrincipalId *string

	// The entity type for which the assignment will be created.
	//
	// This member is required.
	PrincipalType types.PrincipalType

	// TargetID is an AWS account identifier, typically a 10-12 digit string (For
	// example, 123456789012).
	//
	// This member is required.
	TargetId *string

	// The entity type for which the assignment will be created.
	//
	// This member is required.
	TargetType types.TargetType
}

type CreateAccountAssignmentOutput 

type CreateAccountAssignmentOutput struct {

	// The status object for the account assignment creation operation.
	AccountAssignmentCreationStatus *types.AccountAssignmentOperationStatus

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type CreatePermissionSetInput 

type CreatePermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The name of the PermissionSet.
	//
	// This member is required.
	Name *string

	// The description of the PermissionSet.
	Description *string

	// Used to redirect users within the application during the federation
	// authentication process.
	RelayState *string

	// The length of time that the application user sessions are valid in the ISO-8601
	// standard.
	SessionDuration *string

	// The tags to attach to the new PermissionSet.
	Tags []*types.Tag
}

type CreatePermissionSetOutput 

type CreatePermissionSetOutput struct {

	// Defines the level of access on an AWS account.
	PermissionSet *types.PermissionSet

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeleteAccountAssignmentInput 

type DeleteAccountAssignmentInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set that will be used to remove access.
	//
	// This member is required.
	PermissionSetArn *string

	// An identifier for an object in AWS SSO, such as a user or group. PrincipalIds
	// are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more
	// information about PrincipalIds in AWS SSO, see the AWS SSO Identity Store API
	// Reference.
	//
	// This member is required.
	PrincipalId *string

	// The entity type for which the assignment will be deleted.
	//
	// This member is required.
	PrincipalType types.PrincipalType

	// TargetID is an AWS account identifier, typically a 10-12 digit string (For
	// example, 123456789012).
	//
	// This member is required.
	TargetId *string

	// The entity type for which the assignment will be deleted.
	//
	// This member is required.
	TargetType types.TargetType
}

type DeleteAccountAssignmentOutput 

type DeleteAccountAssignmentOutput struct {

	// The status object for the account assignment deletion operation.
	AccountAssignmentDeletionStatus *types.AccountAssignmentOperationStatus

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeleteInlinePolicyFromPermissionSetInput 

type DeleteInlinePolicyFromPermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set that will be used to remove access.
	//
	// This member is required.
	PermissionSetArn *string
}

type DeleteInlinePolicyFromPermissionSetOutput 

type DeleteInlinePolicyFromPermissionSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeletePermissionSetInput 

type DeletePermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set that should be deleted.
	//
	// This member is required.
	PermissionSetArn *string
}

type DeletePermissionSetOutput 

type DeletePermissionSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DescribeAccountAssignmentCreationStatusInput 

type DescribeAccountAssignmentCreationStatusInput struct {

	// The identifier that is used to track the request operation progress.
	//
	// This member is required.
	AccountAssignmentCreationRequestId *string

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string
}

type DescribeAccountAssignmentCreationStatusOutput 

type DescribeAccountAssignmentCreationStatusOutput struct {

	// The status object for the account assignment creation operation.
	AccountAssignmentCreationStatus *types.AccountAssignmentOperationStatus

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DescribeAccountAssignmentDeletionStatusInput 

type DescribeAccountAssignmentDeletionStatusInput struct {

	// The identifier that is used to track the request operation progress.
	//
	// This member is required.
	AccountAssignmentDeletionRequestId *string

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string
}

type DescribeAccountAssignmentDeletionStatusOutput 

type DescribeAccountAssignmentDeletionStatusOutput struct {

	// The status object for the account assignment deletion operation.
	AccountAssignmentDeletionStatus *types.AccountAssignmentOperationStatus

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DescribePermissionSetInput 

type DescribePermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set.
	//
	// This member is required.
	PermissionSetArn *string
}

type DescribePermissionSetOutput 

type DescribePermissionSetOutput struct {

	// Describes the level of access on an AWS account.
	PermissionSet *types.PermissionSet

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DescribePermissionSetProvisioningStatusInput 

type DescribePermissionSetProvisioningStatusInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The identifier that is provided by the ProvisionPermissionSet call to retrieve
	// the current status of the provisioning workflow.
	//
	// This member is required.
	ProvisionPermissionSetRequestId *string
}

type DescribePermissionSetProvisioningStatusOutput 

type DescribePermissionSetProvisioningStatusOutput struct {

	// The status object for the permission set provisioning operation.
	PermissionSetProvisioningStatus *types.PermissionSetProvisioningStatus

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DetachManagedPolicyFromPermissionSetInput 

type DetachManagedPolicyFromPermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The IAM managed policy ARN to be attached to a permission set.
	//
	// This member is required.
	ManagedPolicyArn *string

	// The ARN of the PermissionSet from which the policy should be detached.
	//
	// This member is required.
	PermissionSetArn *string
}

type DetachManagedPolicyFromPermissionSetOutput 

type DetachManagedPolicyFromPermissionSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type EndpointResolver 

type EndpointResolver interface {
	ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error)
}

EndpointResolver interface for resolving service endpoints.

func WithEndpointResolver 

func WithEndpointResolver(awsResolver aws.EndpointResolver, fallbackResolver EndpointResolver) EndpointResolver

WithEndpointResolver returns an EndpointResolver that first delegates endpoint resolution to the awsResolver. If awsResolver returns aws.EndpointNotFoundError error, the resolver will use the the provided fallbackResolver for resolution. awsResolver and fallbackResolver must not be nil

type EndpointResolverFunc 

type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error)

EndpointResolverFunc is a helper utility that wraps a function so it satisfies the EndpointResolver interface. This is useful when you want to add additional endpoint resolving logic, or stub out specific endpoints with custom values.

func (EndpointResolverFunc) ResolveEndpoint 

func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error)

type EndpointResolverOptions 

type EndpointResolverOptions = internalendpoints.Options

EndpointResolverOptions is the service endpoint resolver options

type GetInlinePolicyForPermissionSetInput 

type GetInlinePolicyForPermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set.
	//
	// This member is required.
	PermissionSetArn *string
}

type GetInlinePolicyForPermissionSetOutput 

type GetInlinePolicyForPermissionSetOutput struct {

	// The IAM inline policy that is attached to the permission set.
	InlinePolicy *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type HTTPClient 

type HTTPClient interface {
	Do(*http.Request) (*http.Response, error)
}

type HTTPSignerV4 

type HTTPSignerV4 interface {
	SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time) error
}

type ListAccountAssignmentCreationStatusInput 

type ListAccountAssignmentCreationStatusInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// Filters results based on the passed attribute value.
	Filter *types.OperationStatusFilter

	// The maximum number of results to display for the assignment.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string
}

type ListAccountAssignmentCreationStatusOutput 

type ListAccountAssignmentCreationStatusOutput struct {

	// The status object for the account assignment creation operation.
	AccountAssignmentsCreationStatus []*types.AccountAssignmentOperationStatusMetadata

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListAccountAssignmentDeletionStatusInput 

type ListAccountAssignmentDeletionStatusInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// Filters results based on the passed attribute value.
	Filter *types.OperationStatusFilter

	// The maximum number of results to display for the assignment.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string
}

type ListAccountAssignmentDeletionStatusOutput 

type ListAccountAssignmentDeletionStatusOutput struct {

	// The status object for the account assignment deletion operation.
	AccountAssignmentsDeletionStatus []*types.AccountAssignmentOperationStatusMetadata

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListAccountAssignmentsInput 

type ListAccountAssignmentsInput struct {

	// The identifier of the AWS account from which to list the assignments.
	//
	// This member is required.
	AccountId *string

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set from which to list assignments.
	//
	// This member is required.
	PermissionSetArn *string

	// The maximum number of results to display for the assignment.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string
}

type ListAccountAssignmentsOutput 

type ListAccountAssignmentsOutput struct {

	// The list of assignments that match the input AWS account and permission set.
	AccountAssignments []*types.AccountAssignment

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListAccountsForProvisionedPermissionSetInput 

type ListAccountsForProvisionedPermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the PermissionSet from which the associated AWS accounts will be
	// listed.
	//
	// This member is required.
	PermissionSetArn *string

	// The maximum number of results to display for the PermissionSet.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// The permission set provisioning status for an AWS account.
	ProvisioningStatus types.ProvisioningStatus
}

type ListAccountsForProvisionedPermissionSetOutput 

type ListAccountsForProvisionedPermissionSetOutput struct {

	// The list of AWS AccountIds.
	AccountIds []*string

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListInstancesInput 

type ListInstancesInput struct {

	// The maximum number of results to display for the instance.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string
}

type ListInstancesOutput 

type ListInstancesOutput struct {

	// Lists the SSO instances that the caller has access to.
	Instances []*types.InstanceMetadata

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListManagedPoliciesInPermissionSetInput 

type ListManagedPoliciesInPermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the PermissionSet whose managed policies will be listed.
	//
	// This member is required.
	PermissionSetArn *string

	// The maximum number of results to display for the PermissionSet.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string
}

type ListManagedPoliciesInPermissionSetOutput 

type ListManagedPoliciesInPermissionSetOutput struct {

	// The array of the AttachedManagedPolicy data type object.
	AttachedManagedPolicies []*types.AttachedManagedPolicy

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListPermissionSetProvisioningStatusInput 

type ListPermissionSetProvisioningStatusInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// Filters results based on the passed attribute value.
	Filter *types.OperationStatusFilter

	// The maximum number of results to display for the assignment.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string
}

type ListPermissionSetProvisioningStatusOutput 

type ListPermissionSetProvisioningStatusOutput struct {

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// The status object for the permission set provisioning operation.
	PermissionSetsProvisioningStatus []*types.PermissionSetProvisioningStatusMetadata

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListPermissionSetsInput 

type ListPermissionSetsInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The maximum number of results to display for the assignment.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string
}

type ListPermissionSetsOutput 

type ListPermissionSetsOutput struct {

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// Defines the level of access on an AWS account.
	PermissionSets []*string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListPermissionSetsProvisionedToAccountInput 

type ListPermissionSetsProvisionedToAccountInput struct {

	// The identifier of the AWS account from which to list the assignments.
	//
	// This member is required.
	AccountId *string

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The maximum number of results to display for the assignment.
	MaxResults *int32

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// The status object for the permission set provisioning operation.
	ProvisioningStatus types.ProvisioningStatus
}

type ListPermissionSetsProvisionedToAccountOutput 

type ListPermissionSetsProvisionedToAccountOutput struct {

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// Defines the level of access that an AWS account has.
	PermissionSets []*string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListTagsForResourceInput 

type ListTagsForResourceInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the resource with the tags to be listed.
	//
	// This member is required.
	ResourceArn *string

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string
}

type ListTagsForResourceOutput 

type ListTagsForResourceOutput struct {

	// The pagination token for the list API. Initially the value is null. Use the
	// output of previous API calls to make subsequent calls.
	NextToken *string

	// A set of key-value pairs that are used to manage the resource.
	Tags []*types.Tag

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type Options 

type Options struct {
	// Set of options to modify how an operation is invoked. These apply to all
	// operations invoked for this client. Use functional options on operation call to
	// modify this list for per operation behavior.
	APIOptions []func(*middleware.Stack) error

	// The credentials object to use when signing requests.
	Credentials aws.CredentialsProvider

	// The endpoint options to be used when attempting to resolve an endpoint.
	EndpointOptions EndpointResolverOptions

	// The service endpoint resolver.
	EndpointResolver EndpointResolver

	// Signature Version 4 (SigV4) Signer
	HTTPSignerV4 HTTPSignerV4

	// The region to send requests to. (Required)
	Region string

	// Retryer guides how HTTP requests should be retried in case of recoverable
	// failures. When nil the API client will use a default retryer.
	Retryer retry.Retryer

	// The HTTP client to invoke API calls with. Defaults to client's default HTTP
	// implementation if nil.
	HTTPClient HTTPClient
}

func (Options) Copy 

func (o Options) Copy() Options

Copy creates a clone where the APIOptions list is deep copied.

type ProvisionPermissionSetInput 

type ProvisionPermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set.
	//
	// This member is required.
	PermissionSetArn *string

	// The entity type for which the assignment will be created.
	//
	// This member is required.
	TargetType types.ProvisionTargetType

	// TargetID is an AWS account identifier, typically a 10-12 digit string (For
	// example, 123456789012).
	TargetId *string
}

type ProvisionPermissionSetOutput 

type ProvisionPermissionSetOutput struct {

	// The status object for the permission set provisioning operation.
	PermissionSetProvisioningStatus *types.PermissionSetProvisioningStatus

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type PutInlinePolicyToPermissionSetInput 

type PutInlinePolicyToPermissionSetInput struct {

	// The IAM inline policy to attach to a PermissionSet.
	//
	// This member is required.
	InlinePolicy *string

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set.
	//
	// This member is required.
	PermissionSetArn *string
}

type PutInlinePolicyToPermissionSetOutput 

type PutInlinePolicyToPermissionSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ResolveEndpoint 

type ResolveEndpoint struct {
	Resolver EndpointResolver
	Options  EndpointResolverOptions
}

func (*ResolveEndpoint) HandleSerialize 

func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
	out middleware.SerializeOutput, metadata middleware.Metadata, err error,
)

func (*ResolveEndpoint) ID 

func (*ResolveEndpoint) ID() string

type TagResourceInput 

type TagResourceInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the resource with the tags to be listed.
	//
	// This member is required.
	ResourceArn *string

	// A set of key-value pairs that are used to manage the resource.
	//
	// This member is required.
	Tags []*types.Tag
}

type TagResourceOutput 

type TagResourceOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UntagResourceInput 

type UntagResourceInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the resource with the tags to be listed.
	//
	// This member is required.
	ResourceArn *string

	// The keys of tags that are attached to the resource.
	//
	// This member is required.
	TagKeys []*string
}

type UntagResourceOutput 

type UntagResourceOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdatePermissionSetInput 

type UpdatePermissionSetInput struct {

	// The ARN of the SSO instance under which the operation will be executed. For more
	// information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
	// Namespaces in the AWS General Reference.
	//
	// This member is required.
	InstanceArn *string

	// The ARN of the permission set.
	//
	// This member is required.
	PermissionSetArn *string

	// The description of the PermissionSet.
	Description *string

	// Used to redirect users within the application during the federation
	// authentication process.
	RelayState *string

	// The length of time that the application user sessions are valid for in the
	// ISO-8601 standard.
	SessionDuration *string
}

type UpdatePermissionSetOutput 

type UpdatePermissionSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

Source Files

View all Source files

Directories

Path Synopsis
internal
endpoints

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.