AccountAssignment - IAM Identity Center
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AccountAssignment

The assignment that indicates a principal's limited access to a specified Amazon account with a specified permission set.

Note

The term principal here refers to a user or group that is defined in IAM Identity Center.

Contents

AccountId

The identifier of the Amazon account.

Type: String

Length Constraints: Fixed length of 12.

Pattern: \d{12}

Required: No

PermissionSetArn

The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Service Namespaces in the Amazon General Reference.

Type: String

Length Constraints: Minimum length of 10. Maximum length of 1224.

Pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::permissionSet/(sso)?ins-[a-zA-Z0-9-.]{16}/ps-[a-zA-Z0-9-./]{16}

Required: No

PrincipalId

An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 47.

Pattern: ([0-9a-f]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}

Required: No

PrincipalType

The entity type for which the assignment will be created.

Type: String

Valid Values: USER | GROUP

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: