Interface ICfnPermissionSetProps
Properties for defining a CfnPermissionSet
.
Namespace: Amazon.CDK.AWS.SSO
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface ICfnPermissionSetProps
Syntax (vb)
Public Interface ICfnPermissionSetProps
Remarks
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.SSO;
var inlinePolicy;
var cfnPermissionSetProps = new CfnPermissionSetProps {
InstanceArn = "instanceArn",
Name = "name",
// the properties below are optional
CustomerManagedPolicyReferences = new [] { new CustomerManagedPolicyReferenceProperty {
Name = "name",
// the properties below are optional
Path = "path"
} },
Description = "description",
InlinePolicy = inlinePolicy,
ManagedPolicies = new [] { "managedPolicies" },
PermissionsBoundary = new PermissionsBoundaryProperty {
CustomerManagedPolicyReference = new CustomerManagedPolicyReferenceProperty {
Name = "name",
// the properties below are optional
Path = "path"
},
ManagedPolicyArn = "managedPolicyArn"
},
RelayStateType = "relayStateType",
SessionDuration = "sessionDuration",
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
};
Synopsis
Properties
CustomerManagedPolicyReferences | Specifies the names and paths of the customer managed policies that you have attached to your permission set. |
Description | The description of the |
InlinePolicy | The inline policy that is attached to the permission set. |
InstanceArn | The ARN of the IAM Identity Center instance under which the operation will be executed. |
ManagedPolicies | A structure that stores the details of the AWS managed policy. |
Name | The name of the permission set. |
PermissionsBoundary | Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. |
RelayStateType | Used to redirect users within the application during the federation authentication process. |
SessionDuration | The length of time that the application user sessions are valid for in the ISO-8601 standard. |
Tags | The tags to attach to the new |
Properties
CustomerManagedPolicyReferences
Specifies the names and paths of the customer managed policies that you have attached to your permission set.
virtual object CustomerManagedPolicyReferences { get; }
Property Value
System.Object
Remarks
Description
The description of the PermissionSet
.
virtual string Description { get; }
Property Value
System.String
Remarks
InlinePolicy
The inline policy that is attached to the permission set.
virtual object InlinePolicy { get; }
Property Value
System.Object
Remarks
For Length Constraints
, if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.
InstanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
string InstanceArn { get; }
Property Value
System.String
Remarks
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .
ManagedPolicies
A structure that stores the details of the AWS managed policy.
virtual string[] ManagedPolicies { get; }
Property Value
System.String[]
Remarks
Name
The name of the permission set.
string Name { get; }
Property Value
System.String
Remarks
PermissionsBoundary
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.
virtual object PermissionsBoundary { get; }
Property Value
System.Object
Remarks
Specify either CustomerManagedPolicyReference
to use the name and path of a customer managed policy, or ManagedPolicyArn
to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .
Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .
RelayStateType
Used to redirect users within the application during the federation authentication process.
virtual string RelayStateType { get; }
Property Value
System.String
Remarks
SessionDuration
The length of time that the application user sessions are valid for in the ISO-8601 standard.
virtual string SessionDuration { get; }
Property Value
System.String
Remarks
Tags
The tags to attach to the new PermissionSet
.
virtual ICfnTag[] Tags { get; }
Property Value
ICfnTag[]