NAME
Paws::SSOAdmin - Perl Interface to AWS AWS Single Sign-On Admin
SYNOPSIS
use Paws;
my $obj = Paws->service('SSOAdmin');
my $res = $obj->Method(
Arg1 => $val1,
Arg2 => [ 'V1', 'V2' ],
# if Arg3 is an object, the HashRef will be used as arguments to the constructor
# of the arguments type
Arg3 => { Att1 => 'Val1' },
# if Arg4 is an array of objects, the HashRefs will be passed as arguments to
# the constructor of the arguments type
Arg4 => [ { Att1 => 'Val1' }, { Att1 => 'Val2' } ],
);
DESCRIPTION
For the AWS API documentation, see https://docs.aws.amazon.com/goto/WebAPI/sso-2020-07-20
METHODS
AttachManagedPolicyToPermissionSet
Each argument is described in detail in: Paws::SSOAdmin::AttachManagedPolicyToPermissionSet
Returns: a Paws::SSOAdmin::AttachManagedPolicyToPermissionSetResponse instance
Attaches an IAM managed policy ARN to a permission set.
If the permission set is already referenced by one or more account assignments, you will need to call ProvisionPermissionSet
after this action to apply the corresponding IAM policy updates to all assigned accounts.
CreateAccountAssignment
- InstanceArn => Str
- PermissionSetArn => Str
- PrincipalId => Str
- PrincipalType => Str
- TargetId => Str
- TargetType => Str
Each argument is described in detail in: Paws::SSOAdmin::CreateAccountAssignment
Returns: a Paws::SSOAdmin::CreateAccountAssignmentResponse instance
Assigns access to a principal for a specified AWS account using a specified permission set.
The term principal here refers to a user or group that is defined in AWS SSO.
As part of a successful CreateAccountAssignment
call, the specified permission set will automatically be provisioned to the account in the form of an IAM policy attached to the SSO-created IAM role. If the permission set is subsequently updated, the corresponding IAM policies attached to roles in your accounts will not be updated automatically. In this case, you will need to call ProvisionPermissionSet
to make these updates.
CreateInstanceAccessControlAttributeConfiguration
- InstanceAccessControlAttributeConfiguration => Paws::SSOAdmin::InstanceAccessControlAttributeConfiguration
- InstanceArn => Str
Each argument is described in detail in: Paws::SSOAdmin::CreateInstanceAccessControlAttributeConfiguration
Returns: a Paws::SSOAdmin::CreateInstanceAccessControlAttributeConfigurationResponse instance
Enables the attributes-based access control (ABAC) feature for the specified AWS SSO instance. You can also specify new attributes to add to your ABAC configuration during the enabling process. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.
CreatePermissionSet
- InstanceArn => Str
- Name => Str
- [Description => Str]
- [RelayState => Str]
- [SessionDuration => Str]
- [Tags => ArrayRef[Paws::SSOAdmin::Tag]]
Each argument is described in detail in: Paws::SSOAdmin::CreatePermissionSet
Returns: a Paws::SSOAdmin::CreatePermissionSetResponse instance
Creates a permission set within a specified SSO instance.
To grant users and groups access to AWS account resources, use CreateAccountAssignment
.
DeleteAccountAssignment
- InstanceArn => Str
- PermissionSetArn => Str
- PrincipalId => Str
- PrincipalType => Str
- TargetId => Str
- TargetType => Str
Each argument is described in detail in: Paws::SSOAdmin::DeleteAccountAssignment
Returns: a Paws::SSOAdmin::DeleteAccountAssignmentResponse instance
Deletes a principal's access from a specified AWS account using a specified permission set.
DeleteInlinePolicyFromPermissionSet
Each argument is described in detail in: Paws::SSOAdmin::DeleteInlinePolicyFromPermissionSet
Returns: a Paws::SSOAdmin::DeleteInlinePolicyFromPermissionSetResponse instance
Deletes the inline policy from a specified permission set.
DeleteInstanceAccessControlAttributeConfiguration
Each argument is described in detail in: Paws::SSOAdmin::DeleteInstanceAccessControlAttributeConfiguration
Returns: a Paws::SSOAdmin::DeleteInstanceAccessControlAttributeConfigurationResponse instance
Disables the attributes-based access control (ABAC) feature for the specified AWS SSO instance and deletes all of the attribute mappings that have been configured. Once deleted, any attributes that are received from an identity source and any custom attributes you have previously configured will not be passed. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.
DeletePermissionSet
Each argument is described in detail in: Paws::SSOAdmin::DeletePermissionSet
Returns: a Paws::SSOAdmin::DeletePermissionSetResponse instance
Deletes the specified permission set.
DescribeAccountAssignmentCreationStatus
Each argument is described in detail in: Paws::SSOAdmin::DescribeAccountAssignmentCreationStatus
Returns: a Paws::SSOAdmin::DescribeAccountAssignmentCreationStatusResponse instance
Describes the status of the assignment creation request.
DescribeAccountAssignmentDeletionStatus
Each argument is described in detail in: Paws::SSOAdmin::DescribeAccountAssignmentDeletionStatus
Returns: a Paws::SSOAdmin::DescribeAccountAssignmentDeletionStatusResponse instance
Describes the status of the assignment deletion request.
DescribeInstanceAccessControlAttributeConfiguration
Each argument is described in detail in: Paws::SSOAdmin::DescribeInstanceAccessControlAttributeConfiguration
Returns: a Paws::SSOAdmin::DescribeInstanceAccessControlAttributeConfigurationResponse instance
Returns the list of AWS SSO identity store attributes that have been configured to work with attributes-based access control (ABAC) for the specified AWS SSO instance. This will not return attributes configured and sent by an external identity provider. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.
DescribePermissionSet
Each argument is described in detail in: Paws::SSOAdmin::DescribePermissionSet
Returns: a Paws::SSOAdmin::DescribePermissionSetResponse instance
Gets the details of the permission set.
DescribePermissionSetProvisioningStatus
Each argument is described in detail in: Paws::SSOAdmin::DescribePermissionSetProvisioningStatus
Returns: a Paws::SSOAdmin::DescribePermissionSetProvisioningStatusResponse instance
Describes the status for the given permission set provisioning request.
DetachManagedPolicyFromPermissionSet
Each argument is described in detail in: Paws::SSOAdmin::DetachManagedPolicyFromPermissionSet
Returns: a Paws::SSOAdmin::DetachManagedPolicyFromPermissionSetResponse instance
Detaches the attached IAM managed policy ARN from the specified permission set.
GetInlinePolicyForPermissionSet
Each argument is described in detail in: Paws::SSOAdmin::GetInlinePolicyForPermissionSet
Returns: a Paws::SSOAdmin::GetInlinePolicyForPermissionSetResponse instance
Obtains the inline policy assigned to the permission set.
ListAccountAssignmentCreationStatus
- InstanceArn => Str
- [Filter => Paws::SSOAdmin::OperationStatusFilter]
- [MaxResults => Int]
- [NextToken => Str]
Each argument is described in detail in: Paws::SSOAdmin::ListAccountAssignmentCreationStatus
Returns: a Paws::SSOAdmin::ListAccountAssignmentCreationStatusResponse instance
Lists the status of the AWS account assignment creation requests for a specified SSO instance.
ListAccountAssignmentDeletionStatus
- InstanceArn => Str
- [Filter => Paws::SSOAdmin::OperationStatusFilter]
- [MaxResults => Int]
- [NextToken => Str]
Each argument is described in detail in: Paws::SSOAdmin::ListAccountAssignmentDeletionStatus
Returns: a Paws::SSOAdmin::ListAccountAssignmentDeletionStatusResponse instance
Lists the status of the AWS account assignment deletion requests for a specified SSO instance.
ListAccountAssignments
Each argument is described in detail in: Paws::SSOAdmin::ListAccountAssignments
Returns: a Paws::SSOAdmin::ListAccountAssignmentsResponse instance
Lists the assignee of the specified AWS account with the specified permission set.
ListAccountsForProvisionedPermissionSet
- InstanceArn => Str
- PermissionSetArn => Str
- [MaxResults => Int]
- [NextToken => Str]
- [ProvisioningStatus => Str]
Each argument is described in detail in: Paws::SSOAdmin::ListAccountsForProvisionedPermissionSet
Returns: a Paws::SSOAdmin::ListAccountsForProvisionedPermissionSetResponse instance
Lists all the AWS accounts where the specified permission set is provisioned.
ListInstances
Each argument is described in detail in: Paws::SSOAdmin::ListInstances
Returns: a Paws::SSOAdmin::ListInstancesResponse instance
Lists the SSO instances that the caller has access to.
ListManagedPoliciesInPermissionSet
Each argument is described in detail in: Paws::SSOAdmin::ListManagedPoliciesInPermissionSet
Returns: a Paws::SSOAdmin::ListManagedPoliciesInPermissionSetResponse instance
Lists the IAM managed policy that is attached to a specified permission set.
ListPermissionSetProvisioningStatus
- InstanceArn => Str
- [Filter => Paws::SSOAdmin::OperationStatusFilter]
- [MaxResults => Int]
- [NextToken => Str]
Each argument is described in detail in: Paws::SSOAdmin::ListPermissionSetProvisioningStatus
Returns: a Paws::SSOAdmin::ListPermissionSetProvisioningStatusResponse instance
Lists the status of the permission set provisioning requests for a specified SSO instance.
ListPermissionSets
Each argument is described in detail in: Paws::SSOAdmin::ListPermissionSets
Returns: a Paws::SSOAdmin::ListPermissionSetsResponse instance
Lists the PermissionSets in an SSO instance.
ListPermissionSetsProvisionedToAccount
- AccountId => Str
- InstanceArn => Str
- [MaxResults => Int]
- [NextToken => Str]
- [ProvisioningStatus => Str]
Each argument is described in detail in: Paws::SSOAdmin::ListPermissionSetsProvisionedToAccount
Returns: a Paws::SSOAdmin::ListPermissionSetsProvisionedToAccountResponse instance
Lists all the permission sets that are provisioned to a specified AWS account.
ListTagsForResource
Each argument is described in detail in: Paws::SSOAdmin::ListTagsForResource
Returns: a Paws::SSOAdmin::ListTagsForResourceResponse instance
Lists the tags that are attached to a specified resource.
ProvisionPermissionSet
Each argument is described in detail in: Paws::SSOAdmin::ProvisionPermissionSet
Returns: a Paws::SSOAdmin::ProvisionPermissionSetResponse instance
The process by which a specified permission set is provisioned to the specified target.
PutInlinePolicyToPermissionSet
Each argument is described in detail in: Paws::SSOAdmin::PutInlinePolicyToPermissionSet
Returns: a Paws::SSOAdmin::PutInlinePolicyToPermissionSetResponse instance
Attaches an IAM inline policy to a permission set.
If the permission set is already referenced by one or more account assignments, you will need to call ProvisionPermissionSet
after this action to apply the corresponding IAM policy updates to all assigned accounts.
TagResource
- InstanceArn => Str
- ResourceArn => Str
- Tags => ArrayRef[Paws::SSOAdmin::Tag]
Each argument is described in detail in: Paws::SSOAdmin::TagResource
Returns: a Paws::SSOAdmin::TagResourceResponse instance
Associates a set of tags with a specified resource.
UntagResource
Each argument is described in detail in: Paws::SSOAdmin::UntagResource
Returns: a Paws::SSOAdmin::UntagResourceResponse instance
Disassociates a set of tags from a specified resource.
UpdateInstanceAccessControlAttributeConfiguration
- InstanceAccessControlAttributeConfiguration => Paws::SSOAdmin::InstanceAccessControlAttributeConfiguration
- InstanceArn => Str
Each argument is described in detail in: Paws::SSOAdmin::UpdateInstanceAccessControlAttributeConfiguration
Returns: a Paws::SSOAdmin::UpdateInstanceAccessControlAttributeConfigurationResponse instance
Updates the AWS SSO identity store attributes to use with the AWS SSO instance for attributes-based access control (ABAC). When using an external identity provider as an identity source, you can pass attributes through the SAML assertion as an alternative to configuring attributes from the AWS SSO identity store. If a SAML assertion passes any of these attributes, AWS SSO will replace the attribute value with the value from the AWS SSO identity store. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.
UpdatePermissionSet
- InstanceArn => Str
- PermissionSetArn => Str
- [Description => Str]
- [RelayState => Str]
- [SessionDuration => Str]
Each argument is described in detail in: Paws::SSOAdmin::UpdatePermissionSet
Returns: a Paws::SSOAdmin::UpdatePermissionSetResponse instance
Updates an existing permission set.
PAGINATORS
Paginator methods are helpers that repetively call methods that return partial results
ListAllAccountAssignmentCreationStatus(sub { },InstanceArn => Str, [Filter => Paws::SSOAdmin::OperationStatusFilter, MaxResults => Int, NextToken => Str])
ListAllAccountAssignmentCreationStatus(InstanceArn => Str, [Filter => Paws::SSOAdmin::OperationStatusFilter, MaxResults => Int, NextToken => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- AccountAssignmentsCreationStatus, passing the object as the first parameter, and the string 'AccountAssignmentsCreationStatus' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListAccountAssignmentCreationStatusResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllAccountAssignmentDeletionStatus(sub { },InstanceArn => Str, [Filter => Paws::SSOAdmin::OperationStatusFilter, MaxResults => Int, NextToken => Str])
ListAllAccountAssignmentDeletionStatus(InstanceArn => Str, [Filter => Paws::SSOAdmin::OperationStatusFilter, MaxResults => Int, NextToken => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- AccountAssignmentsDeletionStatus, passing the object as the first parameter, and the string 'AccountAssignmentsDeletionStatus' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListAccountAssignmentDeletionStatusResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllAccountAssignments(sub { },AccountId => Str, InstanceArn => Str, PermissionSetArn => Str, [MaxResults => Int, NextToken => Str])
ListAllAccountAssignments(AccountId => Str, InstanceArn => Str, PermissionSetArn => Str, [MaxResults => Int, NextToken => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- AccountAssignments, passing the object as the first parameter, and the string 'AccountAssignments' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListAccountAssignmentsResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllAccountsForProvisionedPermissionSet(sub { },InstanceArn => Str, PermissionSetArn => Str, [MaxResults => Int, NextToken => Str, ProvisioningStatus => Str])
ListAllAccountsForProvisionedPermissionSet(InstanceArn => Str, PermissionSetArn => Str, [MaxResults => Int, NextToken => Str, ProvisioningStatus => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- AccountIds, passing the object as the first parameter, and the string 'AccountIds' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListAccountsForProvisionedPermissionSetResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllInstances(sub { },[MaxResults => Int, NextToken => Str])
ListAllInstances([MaxResults => Int, NextToken => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- Instances, passing the object as the first parameter, and the string 'Instances' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListInstancesResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllManagedPoliciesInPermissionSet(sub { },InstanceArn => Str, PermissionSetArn => Str, [MaxResults => Int, NextToken => Str])
ListAllManagedPoliciesInPermissionSet(InstanceArn => Str, PermissionSetArn => Str, [MaxResults => Int, NextToken => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- AttachedManagedPolicies, passing the object as the first parameter, and the string 'AttachedManagedPolicies' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListManagedPoliciesInPermissionSetResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllPermissionSetProvisioningStatus(sub { },InstanceArn => Str, [Filter => Paws::SSOAdmin::OperationStatusFilter, MaxResults => Int, NextToken => Str])
ListAllPermissionSetProvisioningStatus(InstanceArn => Str, [Filter => Paws::SSOAdmin::OperationStatusFilter, MaxResults => Int, NextToken => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- PermissionSetsProvisioningStatus, passing the object as the first parameter, and the string 'PermissionSetsProvisioningStatus' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListPermissionSetProvisioningStatusResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllPermissionSets(sub { },InstanceArn => Str, [MaxResults => Int, NextToken => Str])
ListAllPermissionSets(InstanceArn => Str, [MaxResults => Int, NextToken => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- PermissionSets, passing the object as the first parameter, and the string 'PermissionSets' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListPermissionSetsResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllPermissionSetsProvisionedToAccount(sub { },AccountId => Str, InstanceArn => Str, [MaxResults => Int, NextToken => Str, ProvisioningStatus => Str])
ListAllPermissionSetsProvisionedToAccount(AccountId => Str, InstanceArn => Str, [MaxResults => Int, NextToken => Str, ProvisioningStatus => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- PermissionSets, passing the object as the first parameter, and the string 'PermissionSets' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListPermissionSetsProvisionedToAccountResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
ListAllTagsForResource(sub { },InstanceArn => Str, ResourceArn => Str, [NextToken => Str])
ListAllTagsForResource(InstanceArn => Str, ResourceArn => Str, [NextToken => Str])
If passed a sub as first parameter, it will call the sub for each element found in :
- Tags, passing the object as the first parameter, and the string 'Tags' as the second parameter
If not, it will return a a Paws::SSOAdmin::ListTagsForResourceResponse instance with all the param
s; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.
SEE ALSO
This service class forms part of Paws
BUGS and CONTRIBUTIONS
The source code is located here: https://github.com/pplu/aws-sdk-perl
Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues