Class CfnPermissionSet
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.CfnElement
software.amazon.awscdk.core.CfnRefElement
software.amazon.awscdk.core.CfnResource
software.amazon.awscdk.services.sso.CfnPermissionSet
- All Implemented Interfaces:
IConstruct,IDependable,IInspectable,software.amazon.jsii.JsiiSerializable,software.constructs.IConstruct
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
date="2023-06-19T16:30:35.858Z")
@Stability(Stable)
public class CfnPermissionSet
extends CfnResource
implements IInspectable
A CloudFormation
AWS::SSO::PermissionSet.
Specifies a permission set within a specified IAM Identity Center instance.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.sso.*;
Object inlinePolicy;
CfnPermissionSet cfnPermissionSet = CfnPermissionSet.Builder.create(this, "MyCfnPermissionSet")
.instanceArn("instanceArn")
.name("name")
// the properties below are optional
.customerManagedPolicyReferences(List.of(CustomerManagedPolicyReferenceProperty.builder()
.name("name")
// the properties below are optional
.path("path")
.build()))
.description("description")
.inlinePolicy(inlinePolicy)
.managedPolicies(List.of("managedPolicies"))
.permissionsBoundary(PermissionsBoundaryProperty.builder()
.customerManagedPolicyReference(CustomerManagedPolicyReferenceProperty.builder()
.name("name")
// the properties below are optional
.path("path")
.build())
.managedPolicyArn("managedPolicyArn")
.build())
.relayStateType("relayStateType")
.sessionDuration("sessionDuration")
.tags(List.of(CfnTag.builder()
.key("key")
.value("value")
.build()))
.build();
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic final classA fluent builder forCfnPermissionSet.static interfaceSpecifies the name and path of a customer managed policy.static interfaceSpecifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationModeNested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct
IConstruct.Jsii$DefaultNested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$DefaultNested classes/interfaces inherited from interface software.amazon.awscdk.core.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringThe CloudFormation resource type name for this resource class. -
Constructor Summary
ConstructorsModifierConstructorDescriptionCfnPermissionSet(Construct scope, String id, CfnPermissionSetProps props) Create a newAWS::SSO::PermissionSet.protectedCfnPermissionSet(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protectedCfnPermissionSet(software.amazon.jsii.JsiiObjectRef objRef) -
Method Summary
Modifier and TypeMethodDescriptionThe permission set ARN of the permission set, such asarn:aws:sso:::permissionSet/ins-instanceid/ps-permissionsetid.Specifies the names and paths of the customer managed policies that you have attached to your permission set.The description of thePermissionSet.The inline policy that is attached to the permission set.The ARN of the IAM Identity Center instance under which the operation will be executed.A structure that stores the details of the AWS managed policy.getName()The name of the permission set.Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.Used to redirect users within the application during the federation authentication process.The length of time that the application user sessions are valid for in the ISO-8601 standard.getTags()The tags to attach to the newPermissionSet.voidinspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties(Map<String, Object> props) voidSpecifies the names and paths of the customer managed policies that you have attached to your permission set.voidSpecifies the names and paths of the customer managed policies that you have attached to your permission set.voidsetDescription(String value) The description of thePermissionSet.voidsetInlinePolicy(Object value) The inline policy that is attached to the permission set.voidsetInstanceArn(String value) The ARN of the IAM Identity Center instance under which the operation will be executed.voidsetManagedPolicies(List<String> value) A structure that stores the details of the AWS managed policy.voidThe name of the permission set.voidSpecifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.voidSpecifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.voidsetRelayStateType(String value) Used to redirect users within the application during the federation authentication process.voidsetSessionDuration(String value) The length of time that the application user sessions are valid for in the ISO-8601 standard.Methods inherited from class software.amazon.awscdk.core.CfnResource
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validatePropertiesMethods inherited from class software.amazon.awscdk.core.CfnRefElement
getRefMethods inherited from class software.amazon.awscdk.core.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalIdMethods inherited from class software.amazon.awscdk.core.Construct
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validateMethods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSetMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnPermissionSet
protected CfnPermissionSet(software.amazon.jsii.JsiiObjectRef objRef) -
CfnPermissionSet
protected CfnPermissionSet(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnPermissionSet
@Stability(Stable) public CfnPermissionSet(@NotNull Construct scope, @NotNull String id, @NotNull CfnPermissionSetProps props) Create a newAWS::SSO::PermissionSet.- Parameters:
scope-- scope in which this resource is defined.
id-- scoped id of the resource.
props-- resource properties.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspectin interfaceIInspectable- Parameters:
inspector-- tree inspector to collect and process attributes.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderPropertiesin classCfnResource- Parameters:
props- This parameter is required.
-
getAttrPermissionSetArn
The permission set ARN of the permission set, such asarn:aws:sso:::permissionSet/ins-instanceid/ps-permissionsetid. -
getCfnProperties
- Overrides:
getCfnPropertiesin classCfnResource
-
getTags
The tags to attach to the newPermissionSet. -
getInlinePolicy
The inline policy that is attached to the permission set.For
Length Constraints, if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned. -
setInlinePolicy
The inline policy that is attached to the permission set.For
Length Constraints, if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned. -
getInstanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .
-
setInstanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .
-
getName
The name of the permission set. -
setName
The name of the permission set. -
getCustomerManagedPolicyReferences
Specifies the names and paths of the customer managed policies that you have attached to your permission set. -
setCustomerManagedPolicyReferences
Specifies the names and paths of the customer managed policies that you have attached to your permission set. -
setCustomerManagedPolicyReferences
Specifies the names and paths of the customer managed policies that you have attached to your permission set. -
getDescription
The description of thePermissionSet. -
setDescription
The description of thePermissionSet. -
getManagedPolicies
A structure that stores the details of the AWS managed policy. -
setManagedPolicies
A structure that stores the details of the AWS managed policy. -
getPermissionsBoundary
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.Specify either
CustomerManagedPolicyReferenceto use the name and path of a customer managed policy, orManagedPolicyArnto use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .
-
setPermissionsBoundary
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.Specify either
CustomerManagedPolicyReferenceto use the name and path of a customer managed policy, orManagedPolicyArnto use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .
-
setPermissionsBoundary
@Stability(Stable) public void setPermissionsBoundary(@Nullable CfnPermissionSet.PermissionsBoundaryProperty value) Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.Specify either
CustomerManagedPolicyReferenceto use the name and path of a customer managed policy, orManagedPolicyArnto use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .
-
getRelayStateType
Used to redirect users within the application during the federation authentication process. -
setRelayStateType
Used to redirect users within the application during the federation authentication process. -
getSessionDuration
The length of time that the application user sessions are valid for in the ISO-8601 standard. -
setSessionDuration
The length of time that the application user sessions are valid for in the ISO-8601 standard.
-