Class: Aws::SSOAdmin::Client
- Inherits:
-
Seahorse::Client::Base
- Object
- Seahorse::Client::Base
- Aws::SSOAdmin::Client
- Includes:
- ClientStubs
- Defined in:
- gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb
Overview
An API client for SSOAdmin. To construct a client, you need to configure a :region
and :credentials
.
client = Aws::SSOAdmin::Client.new(
region: region_name,
credentials: credentials,
# ...
)
For details on configuring region and credentials see the developer guide.
See #initialize for a full list of supported configuration options.
Instance Attribute Summary
Attributes inherited from Seahorse::Client::Base
API Operations collapse
-
#attach_managed_policy_to_permission_set(params = {}) ⇒ Struct
Attaches an IAM managed policy ARN to a permission set.
-
#create_account_assignment(params = {}) ⇒ Types::CreateAccountAssignmentResponse
Assigns access to a principal for a specified AWS account using a specified permission set.
-
#create_instance_access_control_attribute_configuration(params = {}) ⇒ Struct
Enables the attributes-based access control (ABAC) feature for the specified AWS SSO instance.
-
#create_permission_set(params = {}) ⇒ Types::CreatePermissionSetResponse
Creates a permission set within a specified SSO instance.
-
#delete_account_assignment(params = {}) ⇒ Types::DeleteAccountAssignmentResponse
Deletes a principal's access from a specified AWS account using a specified permission set.
-
#delete_inline_policy_from_permission_set(params = {}) ⇒ Struct
Deletes the inline policy from a specified permission set.
-
#delete_instance_access_control_attribute_configuration(params = {}) ⇒ Struct
Disables the attributes-based access control (ABAC) feature for the specified AWS SSO instance and deletes all of the attribute mappings that have been configured.
-
#delete_permission_set(params = {}) ⇒ Struct
Deletes the specified permission set.
-
#describe_account_assignment_creation_status(params = {}) ⇒ Types::DescribeAccountAssignmentCreationStatusResponse
Describes the status of the assignment creation request.
-
#describe_account_assignment_deletion_status(params = {}) ⇒ Types::DescribeAccountAssignmentDeletionStatusResponse
Describes the status of the assignment deletion request.
-
#describe_instance_access_control_attribute_configuration(params = {}) ⇒ Types::DescribeInstanceAccessControlAttributeConfigurationResponse
Returns the list of AWS SSO identity store attributes that have been configured to work with attributes-based access control (ABAC) for the specified AWS SSO instance.
-
#describe_permission_set(params = {}) ⇒ Types::DescribePermissionSetResponse
Gets the details of the permission set.
-
#describe_permission_set_provisioning_status(params = {}) ⇒ Types::DescribePermissionSetProvisioningStatusResponse
Describes the status for the given permission set provisioning request.
-
#detach_managed_policy_from_permission_set(params = {}) ⇒ Struct
Detaches the attached IAM managed policy ARN from the specified permission set.
-
#get_inline_policy_for_permission_set(params = {}) ⇒ Types::GetInlinePolicyForPermissionSetResponse
Obtains the inline policy assigned to the permission set.
-
#list_account_assignment_creation_status(params = {}) ⇒ Types::ListAccountAssignmentCreationStatusResponse
Lists the status of the AWS account assignment creation requests for a specified SSO instance.
-
#list_account_assignment_deletion_status(params = {}) ⇒ Types::ListAccountAssignmentDeletionStatusResponse
Lists the status of the AWS account assignment deletion requests for a specified SSO instance.
-
#list_account_assignments(params = {}) ⇒ Types::ListAccountAssignmentsResponse
Lists the assignee of the specified AWS account with the specified permission set.
-
#list_accounts_for_provisioned_permission_set(params = {}) ⇒ Types::ListAccountsForProvisionedPermissionSetResponse
Lists all the AWS accounts where the specified permission set is provisioned.
-
#list_instances(params = {}) ⇒ Types::ListInstancesResponse
Lists the SSO instances that the caller has access to.
-
#list_managed_policies_in_permission_set(params = {}) ⇒ Types::ListManagedPoliciesInPermissionSetResponse
Lists the IAM managed policy that is attached to a specified permission set.
-
#list_permission_set_provisioning_status(params = {}) ⇒ Types::ListPermissionSetProvisioningStatusResponse
Lists the status of the permission set provisioning requests for a specified SSO instance.
-
#list_permission_sets(params = {}) ⇒ Types::ListPermissionSetsResponse
Lists the PermissionSets in an SSO instance.
-
#list_permission_sets_provisioned_to_account(params = {}) ⇒ Types::ListPermissionSetsProvisionedToAccountResponse
Lists all the permission sets that are provisioned to a specified AWS account.
-
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Lists the tags that are attached to a specified resource.
-
#provision_permission_set(params = {}) ⇒ Types::ProvisionPermissionSetResponse
The process by which a specified permission set is provisioned to the specified target.
-
#put_inline_policy_to_permission_set(params = {}) ⇒ Struct
Attaches an IAM inline policy to a permission set.
-
#tag_resource(params = {}) ⇒ Struct
Associates a set of tags with a specified resource.
-
#untag_resource(params = {}) ⇒ Struct
Disassociates a set of tags from a specified resource.
-
#update_instance_access_control_attribute_configuration(params = {}) ⇒ Struct
Updates the AWS SSO identity store attributes to use with the AWS SSO instance for attributes-based access control (ABAC).
-
#update_permission_set(params = {}) ⇒ Struct
Updates an existing permission set.
Instance Method Summary collapse
-
#initialize(options) ⇒ Client
constructor
A new instance of Client.
Methods included from ClientStubs
#api_requests, #stub_data, #stub_responses
Methods inherited from Seahorse::Client::Base
add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins
Methods included from Seahorse::Client::HandlerBuilder
#handle, #handle_request, #handle_response
Constructor Details
#initialize(options) ⇒ Client
Returns a new instance of Client.
334 335 336 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 334 def initialize(*args) super end |
Instance Method Details
#attach_managed_policy_to_permission_set(params = {}) ⇒ Struct
Attaches an IAM managed policy ARN to a permission set.
ProvisionPermissionSet
after
this action to apply the corresponding IAM policy updates to all
assigned accounts.
377 378 379 380 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 377 def (params = {}, = {}) req = build_request(:attach_managed_policy_to_permission_set, params) req.send_request() end |
#create_account_assignment(params = {}) ⇒ Types::CreateAccountAssignmentResponse
Assigns access to a principal for a specified AWS account using a specified permission set.
CreateAccountAssignment
call, the specified
permission set will automatically be provisioned to the account in the
form of an IAM policy attached to the SSO-created IAM role. If the
permission set is subsequently updated, the corresponding IAM policies
attached to roles in your accounts will not be updated automatically.
In this case, you will need to call ProvisionPermissionSet
to make
these updates.
459 460 461 462 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 459 def create_account_assignment(params = {}, = {}) req = build_request(:create_account_assignment, params) req.send_request() end |
#create_instance_access_control_attribute_configuration(params = {}) ⇒ Struct
Enables the attributes-based access control (ABAC) feature for the specified AWS SSO instance. You can also specify new attributes to add to your ABAC configuration during the enabling process. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.
506 507 508 509 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 506 def create_instance_access_control_attribute_configuration(params = {}, = {}) req = build_request(:create_instance_access_control_attribute_configuration, params) req.send_request() end |
#create_permission_set(params = {}) ⇒ Types::CreatePermissionSetResponse
Creates a permission set within a specified SSO instance.
CreateAccountAssignment
.
575 576 577 578 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 575 def (params = {}, = {}) req = build_request(:create_permission_set, params) req.send_request() end |
#delete_account_assignment(params = {}) ⇒ Types::DeleteAccountAssignmentResponse
Deletes a principal's access from a specified AWS account using a specified permission set.
641 642 643 644 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 641 def delete_account_assignment(params = {}, = {}) req = build_request(:delete_account_assignment, params) req.send_request() end |
#delete_inline_policy_from_permission_set(params = {}) ⇒ Struct
Deletes the inline policy from a specified permission set.
671 672 673 674 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 671 def (params = {}, = {}) req = build_request(:delete_inline_policy_from_permission_set, params) req.send_request() end |
#delete_instance_access_control_attribute_configuration(params = {}) ⇒ Struct
Disables the attributes-based access control (ABAC) feature for the specified AWS SSO instance and deletes all of the attribute mappings that have been configured. Once deleted, any attributes that are received from an identity source and any custom attributes you have previously configured will not be passed. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.
701 702 703 704 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 701 def delete_instance_access_control_attribute_configuration(params = {}, = {}) req = build_request(:delete_instance_access_control_attribute_configuration, params) req.send_request() end |
#delete_permission_set(params = {}) ⇒ Struct
Deletes the specified permission set.
731 732 733 734 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 731 def (params = {}, = {}) req = build_request(:delete_permission_set, params) req.send_request() end |
#describe_account_assignment_creation_status(params = {}) ⇒ Types::DescribeAccountAssignmentCreationStatusResponse
Describes the status of the assignment creation request.
775 776 777 778 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 775 def describe_account_assignment_creation_status(params = {}, = {}) req = build_request(:describe_account_assignment_creation_status, params) req.send_request() end |
#describe_account_assignment_deletion_status(params = {}) ⇒ Types::DescribeAccountAssignmentDeletionStatusResponse
Describes the status of the assignment deletion request.
819 820 821 822 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 819 def describe_account_assignment_deletion_status(params = {}, = {}) req = build_request(:describe_account_assignment_deletion_status, params) req.send_request() end |
#describe_instance_access_control_attribute_configuration(params = {}) ⇒ Types::DescribeInstanceAccessControlAttributeConfigurationResponse
Returns the list of AWS SSO identity store attributes that have been configured to work with attributes-based access control (ABAC) for the specified AWS SSO instance. This will not return attributes configured and sent by an external identity provider. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.
861 862 863 864 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 861 def describe_instance_access_control_attribute_configuration(params = {}, = {}) req = build_request(:describe_instance_access_control_attribute_configuration, params) req.send_request() end |
#describe_permission_set(params = {}) ⇒ Types::DescribePermissionSetResponse
Gets the details of the permission set.
902 903 904 905 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 902 def (params = {}, = {}) req = build_request(:describe_permission_set, params) req.send_request() end |
#describe_permission_set_provisioning_status(params = {}) ⇒ Types::DescribePermissionSetProvisioningStatusResponse
Describes the status for the given permission set provisioning request.
945 946 947 948 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 945 def (params = {}, = {}) req = build_request(:describe_permission_set_provisioning_status, params) req.send_request() end |
#detach_managed_policy_from_permission_set(params = {}) ⇒ Struct
Detaches the attached IAM managed policy ARN from the specified permission set.
980 981 982 983 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 980 def (params = {}, = {}) req = build_request(:detach_managed_policy_from_permission_set, params) req.send_request() end |
#get_inline_policy_for_permission_set(params = {}) ⇒ Types::GetInlinePolicyForPermissionSetResponse
Obtains the inline policy assigned to the permission set.
1016 1017 1018 1019 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1016 def (params = {}, = {}) req = build_request(:get_inline_policy_for_permission_set, params) req.send_request() end |
#list_account_assignment_creation_status(params = {}) ⇒ Types::ListAccountAssignmentCreationStatusResponse
Lists the status of the AWS account assignment creation requests for a specified SSO instance.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1071 1072 1073 1074 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1071 def list_account_assignment_creation_status(params = {}, = {}) req = build_request(:list_account_assignment_creation_status, params) req.send_request() end |
#list_account_assignment_deletion_status(params = {}) ⇒ Types::ListAccountAssignmentDeletionStatusResponse
Lists the status of the AWS account assignment deletion requests for a specified SSO instance.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1126 1127 1128 1129 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1126 def list_account_assignment_deletion_status(params = {}, = {}) req = build_request(:list_account_assignment_deletion_status, params) req.send_request() end |
#list_account_assignments(params = {}) ⇒ Types::ListAccountAssignmentsResponse
Lists the assignee of the specified AWS account with the specified permission set.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1184 1185 1186 1187 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1184 def list_account_assignments(params = {}, = {}) req = build_request(:list_account_assignments, params) req.send_request() end |
#list_accounts_for_provisioned_permission_set(params = {}) ⇒ Types::ListAccountsForProvisionedPermissionSetResponse
Lists all the AWS accounts where the specified permission set is provisioned.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1240 1241 1242 1243 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1240 def (params = {}, = {}) req = build_request(:list_accounts_for_provisioned_permission_set, params) req.send_request() end |
#list_instances(params = {}) ⇒ Types::ListInstancesResponse
Lists the SSO instances that the caller has access to.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1279 1280 1281 1282 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1279 def list_instances(params = {}, = {}) req = build_request(:list_instances, params) req.send_request() end |
#list_managed_policies_in_permission_set(params = {}) ⇒ Types::ListManagedPoliciesInPermissionSetResponse
Lists the IAM managed policy that is attached to a specified permission set.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1331 1332 1333 1334 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1331 def (params = {}, = {}) req = build_request(:list_managed_policies_in_permission_set, params) req.send_request() end |
#list_permission_set_provisioning_status(params = {}) ⇒ Types::ListPermissionSetProvisioningStatusResponse
Lists the status of the permission set provisioning requests for a specified SSO instance.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1386 1387 1388 1389 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1386 def (params = {}, = {}) req = build_request(:list_permission_set_provisioning_status, params) req.send_request() end |
#list_permission_sets(params = {}) ⇒ Types::ListPermissionSetsResponse
Lists the PermissionSets in an SSO instance.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1432 1433 1434 1435 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1432 def (params = {}, = {}) req = build_request(:list_permission_sets, params) req.send_request() end |
#list_permission_sets_provisioned_to_account(params = {}) ⇒ Types::ListPermissionSetsProvisionedToAccountResponse
Lists all the permission sets that are provisioned to a specified AWS account.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1487 1488 1489 1490 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1487 def (params = {}, = {}) req = build_request(:list_permission_sets_provisioned_to_account, params) req.send_request() end |
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Lists the tags that are attached to a specified resource.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1534 1535 1536 1537 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1534 def (params = {}, = {}) req = build_request(:list_tags_for_resource, params) req.send_request() end |
#provision_permission_set(params = {}) ⇒ Types::ProvisionPermissionSetResponse
The process by which a specified permission set is provisioned to the specified target.
1585 1586 1587 1588 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1585 def (params = {}, = {}) req = build_request(:provision_permission_set, params) req.send_request() end |
#put_inline_policy_to_permission_set(params = {}) ⇒ Struct
Attaches an IAM inline policy to a permission set.
ProvisionPermissionSet
after
this action to apply the corresponding IAM policy updates to all
assigned accounts.
1626 1627 1628 1629 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1626 def (params = {}, = {}) req = build_request(:put_inline_policy_to_permission_set, params) req.send_request() end |
#tag_resource(params = {}) ⇒ Struct
Associates a set of tags with a specified resource.
1665 1666 1667 1668 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1665 def tag_resource(params = {}, = {}) req = build_request(:tag_resource, params) req.send_request() end |
#untag_resource(params = {}) ⇒ Struct
Disassociates a set of tags from a specified resource.
1699 1700 1701 1702 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1699 def untag_resource(params = {}, = {}) req = build_request(:untag_resource, params) req.send_request() end |
#update_instance_access_control_attribute_configuration(params = {}) ⇒ Struct
Updates the AWS SSO identity store attributes to use with the AWS SSO instance for attributes-based access control (ABAC). When using an external identity provider as an identity source, you can pass attributes through the SAML assertion as an alternative to configuring attributes from the AWS SSO identity store. If a SAML assertion passes any of these attributes, AWS SSO will replace the attribute value with the value from the AWS SSO identity store. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.
1744 1745 1746 1747 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1744 def update_instance_access_control_attribute_configuration(params = {}, = {}) req = build_request(:update_instance_access_control_attribute_configuration, params) req.send_request() end |
#update_permission_set(params = {}) ⇒ Struct
Updates an existing permission set.
1788 1789 1790 1791 |
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/client.rb', line 1788 def (params = {}, = {}) req = build_request(:update_permission_set, params) req.send_request() end |