Package software.amazon.awscdk.services.sso

Interface CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty.Jsii$Proxy

Enclosing class:

CfnInstanceAccessControlAttributeConfiguration

@Stability(Stable)
public static interface CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty
extends software.amazon.jsii.JsiiSerializable

These are IAM Identity Center identity store attributes that you can configure for use in attributes-based access control (ABAC).

You can create permissions policies that determine who can access your AWS resources based upon the configured attribute values. When you enable ABAC and specify AccessControlAttributes , IAM Identity Center passes the attribute values of the authenticated user into IAM for use in policy evaluation.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.sso.*;
 AccessControlAttributeProperty accessControlAttributeProperty = AccessControlAttributeProperty.builder()
         .key("key")
         .value(AccessControlAttributeValueProperty.builder()
                 .source(List.of("source"))
                 .build())
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty.Builder	A builder for CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty
static final class	CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty.Jsii$Proxy	An implementation for CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty

Method Summary

Modifier and Type	Method	Description
static CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty.Builder	builder()
String	getKey()	The name of the attribute associated with your identities in your identity source.
Object	getValue()	The value used for mapping a specified attribute to an identity source.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getKey

@Stability(Stable)
@NotNull
String getKey()

The name of the attribute associated with your identities in your identity source.

This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute-key

getValue

@Stability(Stable)
@NotNull
Object getValue()

The value used for mapping a specified attribute to an identity source.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute-value

builder

@Stability(Stable)
static CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty.Builder builder()

Returns:

a CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty.Builder of CfnInstanceAccessControlAttributeConfiguration.AccessControlAttributeProperty