Class: AWSCDK::SSO::CfnPermissionSetProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
sso/cfn_permission_set_props.rb

Overview

Properties for defining a CfnPermissionSet.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(instance_arn:, name:, customer_managed_policy_references: nil, description: nil, inline_policy: nil, managed_policies: nil, permissions_boundary: nil, relay_state_type: nil, session_duration: nil, tags: nil) ⇒ CfnPermissionSetProps

Returns a new instance of CfnPermissionSetProps.

Parameters:

  • instance_arn (String)

    The ARN of the instance under which the operation will be executed.

  • name (String)

    The name of the permission set.

  • customer_managed_policy_references (AWSCDK::IResolvable, Array<AWSCDK::IResolvable, AWSCDK::SSO::CfnPermissionSet::CustomerManagedPolicyReferenceProperty>, nil) (defaults to: nil)

    Specifies the names and paths of the customer managed policies that you have attached to your permission set.

  • description (String, nil) (defaults to: nil)

    The description of the PermissionSet .

  • inline_policy (Object, nil) (defaults to: nil)

    The inline policy that is attached to the permission set.

  • managed_policies (Array<String>, nil) (defaults to: nil)

    A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.

  • permissions_boundary (AWSCDK::IResolvable, AWSCDK::SSO::CfnPermissionSet::PermissionsBoundaryProperty, nil) (defaults to: nil)

    Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.

  • relay_state_type (String, nil) (defaults to: nil)

    Used to redirect users within the application during the federation authentication process.

  • session_duration (String, nil) (defaults to: nil)

    The length of time that the application user sessions are valid for in the ISO-8601 standard.

  • tags (Array<AWSCDK::CfnTag>, nil) (defaults to: nil)

    The tags to attach to the new PermissionSet .



19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# File 'sso/cfn_permission_set_props.rb', line 19

def initialize(instance_arn:, name:, customer_managed_policy_references: nil, description: nil, inline_policy: nil, managed_policies: nil, permissions_boundary: nil, relay_state_type: nil, session_duration: nil, tags: nil)
  @instance_arn = instance_arn
  Jsii::Type.check_type(@instance_arn, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "instanceArn")
  @name = name
  Jsii::Type.check_type(@name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "name")
  @customer_managed_policy_references = customer_managed_policy_references
  Jsii::Type.check_type(@customer_managed_policy_references, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfc3NvLkNmblBlcm1pc3Npb25TZXQuQ3VzdG9tZXJNYW5hZ2VkUG9saWN5UmVmZXJlbmNlUHJvcGVydHkifV19fSwia2luZCI6ImFycmF5In19XX19")), "customerManagedPolicyReferences") unless @customer_managed_policy_references.nil?
  @description = description
  Jsii::Type.check_type(@description, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "description") unless @description.nil?
  @inline_policy = inline_policy
  Jsii::Type.check_type(@inline_policy, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "inlinePolicy") unless @inline_policy.nil?
  @managed_policies = managed_policies
  Jsii::Type.check_type(@managed_policies, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "managedPolicies") unless @managed_policies.nil?
  @permissions_boundary = permissions_boundary.is_a?(Hash) ? ::AWSCDK::SSO::CfnPermissionSet::PermissionsBoundaryProperty.new(**permissions_boundary.transform_keys(&:to_sym)) : permissions_boundary
  Jsii::Type.check_type(@permissions_boundary, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19zc28uQ2ZuUGVybWlzc2lvblNldC5QZXJtaXNzaW9uc0JvdW5kYXJ5UHJvcGVydHkifV19fQ==")), "permissionsBoundary") unless @permissions_boundary.nil?
  @relay_state_type = relay_state_type
  Jsii::Type.check_type(@relay_state_type, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "relayStateType") unless @relay_state_type.nil?
  @session_duration = session_duration
  Jsii::Type.check_type(@session_duration, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "sessionDuration") unless @session_duration.nil?
  @tags = tags.is_a?(Array) ? tags.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::CfnTag.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : tags
  Jsii::Type.check_type(@tags, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLkNmblRhZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "tags") unless @tags.nil?
end

Instance Attribute Details

#customer_managed_policy_referencesAWSCDK::IResolvable, ... (readonly)

Specifies the names and paths of the customer managed policies that you have attached to your permission set.



58
59
60
# File 'sso/cfn_permission_set_props.rb', line 58

def customer_managed_policy_references
  @customer_managed_policy_references
end

#descriptionString? (readonly)

The description of the PermissionSet .



63
64
65
# File 'sso/cfn_permission_set_props.rb', line 63

def description
  @description
end

#inline_policyObject? (readonly)

The inline policy that is attached to the permission set.

For Length Constraints , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.



70
71
72
# File 'sso/cfn_permission_set_props.rb', line 70

def inline_policy
  @inline_policy
end

#instance_arnString (readonly)

The ARN of the instance under which the operation will be executed.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .



48
49
50
# File 'sso/cfn_permission_set_props.rb', line 48

def instance_arn
  @instance_arn
end

#managed_policiesArray<String>? (readonly)

A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.



75
76
77
# File 'sso/cfn_permission_set_props.rb', line 75

def managed_policies
  @managed_policies
end

#nameString (readonly)

The name of the permission set.



53
54
55
# File 'sso/cfn_permission_set_props.rb', line 53

def name
  @name
end

#permissions_boundaryAWSCDK::IResolvable, ... (readonly)

Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.

Specify either CustomerManagedPolicyReference to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .

Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .



84
85
86
# File 'sso/cfn_permission_set_props.rb', line 84

def permissions_boundary
  @permissions_boundary
end

#relay_state_typeString? (readonly)

Used to redirect users within the application during the federation authentication process.



89
90
91
# File 'sso/cfn_permission_set_props.rb', line 89

def relay_state_type
  @relay_state_type
end

#session_durationString? (readonly)

The length of time that the application user sessions are valid for in the ISO-8601 standard.



94
95
96
# File 'sso/cfn_permission_set_props.rb', line 94

def session_duration
  @session_duration
end

#tagsArray<AWSCDK::CfnTag>? (readonly)

The tags to attach to the new PermissionSet .



99
100
101
# File 'sso/cfn_permission_set_props.rb', line 99

def tags
  @tags
end

Class Method Details

.jsii_propertiesObject



101
102
103
104
105
106
107
108
109
110
111
112
113
114
# File 'sso/cfn_permission_set_props.rb', line 101

def self.jsii_properties
  {
    :instance_arn => "instanceArn",
    :name => "name",
    :customer_managed_policy_references => "customerManagedPolicyReferences",
    :description => "description",
    :inline_policy => "inlinePolicy",
    :managed_policies => "managedPolicies",
    :permissions_boundary => "permissionsBoundary",
    :relay_state_type => "relayStateType",
    :session_duration => "sessionDuration",
    :tags => "tags",
  }
end

Instance Method Details

#to_jsiiObject



116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# File 'sso/cfn_permission_set_props.rb', line 116

def to_jsii
  result = {}
  result.merge!({
    "instanceArn" => @instance_arn,
    "name" => @name,
    "customerManagedPolicyReferences" => @customer_managed_policy_references,
    "description" => @description,
    "inlinePolicy" => @inline_policy,
    "managedPolicies" => @managed_policies,
    "permissionsBoundary" => @permissions_boundary,
    "relayStateType" => @relay_state_type,
    "sessionDuration" => @session_duration,
    "tags" => @tags,
  })
  result.compact
end