@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)", date="2023-03-22T19:35:40.211Z") public class CfnPermissionSet extends CfnResource implements IInspectable
Specifies a permission set within a specified IAM Identity Center instance.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.sso.*; Object inlinePolicy; CfnPermissionSet cfnPermissionSet = CfnPermissionSet.Builder.create(this, "MyCfnPermissionSet") .instanceArn("instanceArn") .name("name") // the properties below are optional .customerManagedPolicyReferences(List.of(CustomerManagedPolicyReferenceProperty.builder() .name("name") // the properties below are optional .path("path") .build())) .description("description") .inlinePolicy(inlinePolicy) .managedPolicies(List.of("managedPolicies")) .permissionsBoundary(PermissionsBoundaryProperty.builder() .customerManagedPolicyReference(CustomerManagedPolicyReferenceProperty.builder() .name("name") // the properties below are optional .path("path") .build()) .managedPolicyArn("managedPolicyArn") .build()) .relayStateType("relayStateType") .sessionDuration("sessionDuration") .tags(List.of(CfnTag.builder() .key("key") .value("value") .build())) .build();
Modifier and Type | Class and Description |
---|---|
static class |
CfnPermissionSet.Builder
A fluent builder for
CfnPermissionSet . |
static interface |
CfnPermissionSet.CustomerManagedPolicyReferenceProperty
Specifies the name and path of a customer managed policy.
|
static interface |
CfnPermissionSet.PermissionsBoundaryProperty
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.
|
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
IConstruct.Jsii$Default
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
|
Modifier | Constructor and Description |
---|---|
|
CfnPermissionSet(Construct scope,
java.lang.String id,
CfnPermissionSetProps props)
Create a new `AWS::SSO::PermissionSet`.
|
protected |
CfnPermissionSet(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
CfnPermissionSet(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
java.lang.String |
getAttrPermissionSetArn()
The permission set ARN of the permission set, such as `arn:aws:sso:::permissionSet/ins-instanceid/ps-permissionsetid` .
|
protected java.util.Map<java.lang.String,java.lang.Object> |
getCfnProperties() |
java.lang.Object |
getCustomerManagedPolicyReferences()
Specifies the names and paths of the customer managed policies that you have attached to your permission set.
|
java.lang.String |
getDescription()
The description of the `PermissionSet` .
|
java.lang.Object |
getInlinePolicy()
The inline policy that is attached to the permission set.
|
java.lang.String |
getInstanceArn()
The ARN of the IAM Identity Center instance under which the operation will be executed.
|
java.util.List<java.lang.String> |
getManagedPolicies()
A structure that stores the details of the AWS managed policy.
|
java.lang.String |
getName()
The name of the permission set.
|
java.lang.Object |
getPermissionsBoundary()
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.
|
java.lang.String |
getRelayStateType()
Used to redirect users within the application during the federation authentication process.
|
java.lang.String |
getSessionDuration()
The length of time that the application user sessions are valid for in the ISO-8601 standard.
|
TagManager |
getTags()
The tags to attach to the new `PermissionSet` .
|
void |
inspect(TreeInspector inspector)
Examines the CloudFormation resource and discloses attributes.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
renderProperties(java.util.Map<java.lang.String,java.lang.Object> props) |
void |
setCustomerManagedPolicyReferences(IResolvable value)
Specifies the names and paths of the customer managed policies that you have attached to your permission set.
|
void |
setCustomerManagedPolicyReferences(java.util.List<java.lang.Object> value)
Specifies the names and paths of the customer managed policies that you have attached to your permission set.
|
void |
setDescription(java.lang.String value)
The description of the `PermissionSet` .
|
void |
setInlinePolicy(java.lang.Object value)
The inline policy that is attached to the permission set.
|
void |
setInstanceArn(java.lang.String value)
The ARN of the IAM Identity Center instance under which the operation will be executed.
|
void |
setManagedPolicies(java.util.List<java.lang.String> value)
A structure that stores the details of the AWS managed policy.
|
void |
setName(java.lang.String value)
The name of the permission set.
|
void |
setPermissionsBoundary(CfnPermissionSet.PermissionsBoundaryProperty value)
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.
|
void |
setPermissionsBoundary(IResolvable value)
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.
|
void |
setRelayStateType(java.lang.String value)
Used to redirect users within the application during the federation authentication process.
|
void |
setSessionDuration(java.lang.String value)
The length of time that the application user sessions are valid for in the ISO-8601 standard.
|
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties
getRef
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
public static final java.lang.String CFN_RESOURCE_TYPE_NAME
protected CfnPermissionSet(software.amazon.jsii.JsiiObjectRef objRef)
protected CfnPermissionSet(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public CfnPermissionSet(Construct scope, java.lang.String id, CfnPermissionSetProps props)
scope
- - scope in which this resource is defined. This parameter is required.id
- - scoped id of the resource. This parameter is required.props
- - resource properties. This parameter is required.public void inspect(TreeInspector inspector)
inspect
in interface IInspectable
inspector
- - tree inspector to collect and process attributes. This parameter is required.protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
renderProperties
in class CfnResource
props
- This parameter is required.public java.lang.String getAttrPermissionSetArn()
protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()
getCfnProperties
in class CfnResource
public TagManager getTags()
public java.lang.Object getInlinePolicy()
For
Length Constraints
, if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.
public void setInlinePolicy(java.lang.Object value)
For
Length Constraints
, if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.
public java.lang.String getInstanceArn()
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .
public void setInstanceArn(java.lang.String value)
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .
public java.lang.String getName()
public void setName(java.lang.String value)
public java.lang.Object getCustomerManagedPolicyReferences()
public void setCustomerManagedPolicyReferences(IResolvable value)
public void setCustomerManagedPolicyReferences(java.util.List<java.lang.Object> value)
public java.lang.String getDescription()
public void setDescription(java.lang.String value)
public java.util.List<java.lang.String> getManagedPolicies()
public void setManagedPolicies(java.util.List<java.lang.String> value)
public java.lang.Object getPermissionsBoundary()
Specify either CustomerManagedPolicyReference
to use the name and path of a customer managed policy, or ManagedPolicyArn
to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .
Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .
public void setPermissionsBoundary(IResolvable value)
Specify either CustomerManagedPolicyReference
to use the name and path of a customer managed policy, or ManagedPolicyArn
to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .
Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .
public void setPermissionsBoundary(CfnPermissionSet.PermissionsBoundaryProperty value)
Specify either CustomerManagedPolicyReference
to use the name and path of a customer managed policy, or ManagedPolicyArn
to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .
Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .
public java.lang.String getRelayStateType()
public void setRelayStateType(java.lang.String value)
public java.lang.String getSessionDuration()
public void setSessionDuration(java.lang.String value)