Class: Aws::SSOAdmin::Types::AccessControlAttribute

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/types.rb

Overview

Note:

When making an API call, you may pass AccessControlAttribute data as a hash:

{
  key: "AccessControlAttributeKey", # required
  value: { # required
    source: ["AccessControlAttributeValueSource"], # required
  },
}

These are AWS SSO identity store attributes that you can configure for use in attributes-based access control (ABAC). You can create permission policies that determine who can access your AWS resources based upon the configured attribute value(s). When you enable ABAC and specify AccessControlAttributes, AWS SSO passes the attribute(s) value of the authenticated user into IAM for use in policy evaluation.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#keyString

The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in AWS SSO.

Returns:

  • (String)


43
44
45
46
47
48
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/types.rb', line 43

class AccessControlAttribute < Struct.new(
  :key,
  :value)
  SENSITIVE = []
  include Aws::Structure
end

#valueTypes::AccessControlAttributeValue

The value used for mapping a specified attribute to an identity source.



43
44
45
46
47
48
# File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/types.rb', line 43

class AccessControlAttribute < Struct.new(
  :key,
  :value)
  SENSITIVE = []
  include Aws::Structure
end