AccessControlAttribute
These are AWS SSO identity store attributes that you can configure for use in
attributes-based access control (ABAC). You can create permissions policies that determine
who
can access your AWS resources based upon the configured attribute values. When you
enable
ABAC and specify AccessControlAttributes
, AWS SSO passes the attribute values
of the authenticated user into IAM for use in policy evaluation.
Contents
- Key
-
The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in AWS SSO.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\p{L}\p{Z}\p{N}_.:\/=+\-@]+
Required: Yes
- Value
-
The value used for mapping a specified attribute to an identity source.
Type: AccessControlAttributeValue object
Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: