Copyright	(c) 2013-2023 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	Safe-Inferred
Language	Haskell2010

Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration

Contents

Creating a Request
Request Lenses
Destructuring the Response
Response Lenses

Description

Enables the attributes-based access control (ABAC) feature for the specified IAM Identity Center instance. You can also specify new attributes to add to your ABAC configuration during the enabling process. For more information about ABAC, see Attribute-Based Access Control in the IAM Identity Center User Guide.

After a successful response, call DescribeInstanceAccessControlAttributeConfiguration to validate that InstanceAccessControlAttributeConfiguration was created.

Synopsis

Creating a Request

data CreateInstanceAccessControlAttributeConfiguration Source #

See: newCreateInstanceAccessControlAttributeConfiguration smart constructor.

Constructors

CreateInstanceAccessControlAttributeConfiguration'

Fields

instanceArn :: Text
The ARN of the IAM Identity Center instance under which the operation will be executed.
instanceAccessControlAttributeConfiguration :: InstanceAccessControlAttributeConfiguration
Specifies the IAM Identity Center identity store attributes to add to your ABAC configuration. When using an external identity provider as an identity source, you can pass attributes through the SAML assertion. Doing so provides an alternative to configuring attributes from the IAM Identity Center identity store. If a SAML assertion passes any of these attributes, IAM Identity Center will replace the attribute value with the value from the IAM Identity Center identity store.

Instances

Instances details

ToJSON CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods toJSON :: CreateInstanceAccessControlAttributeConfiguration -> Value # toEncoding :: CreateInstanceAccessControlAttributeConfiguration -> Encoding # toJSONList :: [CreateInstanceAccessControlAttributeConfiguration] -> Value # toEncodingList :: [CreateInstanceAccessControlAttributeConfiguration] -> Encoding #
ToHeaders CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods toHeaders :: CreateInstanceAccessControlAttributeConfiguration -> [Header] #
ToPath CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods toPath :: CreateInstanceAccessControlAttributeConfiguration -> ByteString #
ToQuery CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods toQuery :: CreateInstanceAccessControlAttributeConfiguration -> QueryString #
AWSRequest CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Associated Types type AWSResponse CreateInstanceAccessControlAttributeConfiguration # Methods request :: (Service -> Service) -> CreateInstanceAccessControlAttributeConfiguration -> Request CreateInstanceAccessControlAttributeConfiguration # response :: MonadResource m => (ByteStringLazy -> IO ByteStringLazy) -> Service -> Proxy CreateInstanceAccessControlAttributeConfiguration -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse CreateInstanceAccessControlAttributeConfiguration))) #
Generic CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Associated Types type Rep CreateInstanceAccessControlAttributeConfiguration :: Type -> Type # Methods from :: CreateInstanceAccessControlAttributeConfiguration -> Rep CreateInstanceAccessControlAttributeConfiguration x # to :: Rep CreateInstanceAccessControlAttributeConfiguration x -> CreateInstanceAccessControlAttributeConfiguration #
Read CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods readsPrec :: Int -> ReadS CreateInstanceAccessControlAttributeConfiguration # readList :: ReadS [CreateInstanceAccessControlAttributeConfiguration] # readPrec :: ReadPrec CreateInstanceAccessControlAttributeConfiguration # readListPrec :: ReadPrec [CreateInstanceAccessControlAttributeConfiguration] #
Show CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods showsPrec :: Int -> CreateInstanceAccessControlAttributeConfiguration -> ShowS # show :: CreateInstanceAccessControlAttributeConfiguration -> String # showList :: [CreateInstanceAccessControlAttributeConfiguration] -> ShowS #
NFData CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods rnf :: CreateInstanceAccessControlAttributeConfiguration -> () #
Eq CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods (==) :: CreateInstanceAccessControlAttributeConfiguration -> CreateInstanceAccessControlAttributeConfiguration -> Bool # (/=) :: CreateInstanceAccessControlAttributeConfiguration -> CreateInstanceAccessControlAttributeConfiguration -> Bool #
Hashable CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods hashWithSalt :: Int -> CreateInstanceAccessControlAttributeConfiguration -> Int # hash :: CreateInstanceAccessControlAttributeConfiguration -> Int #
type AWSResponse CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration type AWSResponse CreateInstanceAccessControlAttributeConfiguration = CreateInstanceAccessControlAttributeConfigurationResponse
type Rep CreateInstanceAccessControlAttributeConfiguration Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration type Rep CreateInstanceAccessControlAttributeConfiguration = D1 ('MetaData "CreateInstanceAccessControlAttributeConfiguration" "Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration" "amazonka-sso-admin-2.0-HhKPJAnDdA18B4mnMjNqZF" 'False) (C1 ('MetaCons "CreateInstanceAccessControlAttributeConfiguration'" 'PrefixI 'True) (S1 ('MetaSel ('Just "instanceArn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "instanceAccessControlAttributeConfiguration") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 InstanceAccessControlAttributeConfiguration)))

newCreateInstanceAccessControlAttributeConfiguration Source #

Arguments

:: Text	`CreateInstanceAccessControlAttributeConfiguration`
-> InstanceAccessControlAttributeConfiguration	`$sel:instanceAccessControlAttributeConfiguration:CreateInstanceAccessControlAttributeConfiguration'`
-> CreateInstanceAccessControlAttributeConfiguration

Create a value of CreateInstanceAccessControlAttributeConfiguration with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

CreateInstanceAccessControlAttributeConfiguration, createInstanceAccessControlAttributeConfiguration_instanceArn - The ARN of the IAM Identity Center instance under which the operation will be executed.

$sel:instanceAccessControlAttributeConfiguration:CreateInstanceAccessControlAttributeConfiguration', createInstanceAccessControlAttributeConfiguration_instanceAccessControlAttributeConfiguration - Specifies the IAM Identity Center identity store attributes to add to your ABAC configuration. When using an external identity provider as an identity source, you can pass attributes through the SAML assertion. Doing so provides an alternative to configuring attributes from the IAM Identity Center identity store. If a SAML assertion passes any of these attributes, IAM Identity Center will replace the attribute value with the value from the IAM Identity Center identity store.

Request Lenses

createInstanceAccessControlAttributeConfiguration_instanceArn :: Lens' CreateInstanceAccessControlAttributeConfiguration Text Source #

The ARN of the IAM Identity Center instance under which the operation will be executed.

createInstanceAccessControlAttributeConfiguration_instanceAccessControlAttributeConfiguration :: Lens' CreateInstanceAccessControlAttributeConfiguration InstanceAccessControlAttributeConfiguration Source #

Specifies the IAM Identity Center identity store attributes to add to your ABAC configuration. When using an external identity provider as an identity source, you can pass attributes through the SAML assertion. Doing so provides an alternative to configuring attributes from the IAM Identity Center identity store. If a SAML assertion passes any of these attributes, IAM Identity Center will replace the attribute value with the value from the IAM Identity Center identity store.

Destructuring the Response

data CreateInstanceAccessControlAttributeConfigurationResponse Source #

See: newCreateInstanceAccessControlAttributeConfigurationResponse smart constructor.

Constructors

CreateInstanceAccessControlAttributeConfigurationResponse'
Fields httpStatus :: Int The response's http status code.

Instances

Instances details

Generic CreateInstanceAccessControlAttributeConfigurationResponse Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Associated Types type Rep CreateInstanceAccessControlAttributeConfigurationResponse :: Type -> Type # Methods from :: CreateInstanceAccessControlAttributeConfigurationResponse -> Rep CreateInstanceAccessControlAttributeConfigurationResponse x # to :: Rep CreateInstanceAccessControlAttributeConfigurationResponse x -> CreateInstanceAccessControlAttributeConfigurationResponse #
Read CreateInstanceAccessControlAttributeConfigurationResponse Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods readsPrec :: Int -> ReadS CreateInstanceAccessControlAttributeConfigurationResponse # readList :: ReadS [CreateInstanceAccessControlAttributeConfigurationResponse] # readPrec :: ReadPrec CreateInstanceAccessControlAttributeConfigurationResponse # readListPrec :: ReadPrec [CreateInstanceAccessControlAttributeConfigurationResponse] #
Show CreateInstanceAccessControlAttributeConfigurationResponse Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods showsPrec :: Int -> CreateInstanceAccessControlAttributeConfigurationResponse -> ShowS # show :: CreateInstanceAccessControlAttributeConfigurationResponse -> String # showList :: [CreateInstanceAccessControlAttributeConfigurationResponse] -> ShowS #
NFData CreateInstanceAccessControlAttributeConfigurationResponse Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods rnf :: CreateInstanceAccessControlAttributeConfigurationResponse -> () #
Eq CreateInstanceAccessControlAttributeConfigurationResponse Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration Methods (==) :: CreateInstanceAccessControlAttributeConfigurationResponse -> CreateInstanceAccessControlAttributeConfigurationResponse -> Bool # (/=) :: CreateInstanceAccessControlAttributeConfigurationResponse -> CreateInstanceAccessControlAttributeConfigurationResponse -> Bool #
type Rep CreateInstanceAccessControlAttributeConfigurationResponse Source #
Instance details Defined in Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration type Rep CreateInstanceAccessControlAttributeConfigurationResponse = D1 ('MetaData "CreateInstanceAccessControlAttributeConfigurationResponse" "Amazonka.SSOAdmin.CreateInstanceAccessControlAttributeConfiguration" "amazonka-sso-admin-2.0-HhKPJAnDdA18B4mnMjNqZF" 'False) (C1 ('MetaCons "CreateInstanceAccessControlAttributeConfigurationResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int)))

newCreateInstanceAccessControlAttributeConfigurationResponse Source #

Arguments

:: Int	`$sel:httpStatus:CreateInstanceAccessControlAttributeConfigurationResponse'`
-> CreateInstanceAccessControlAttributeConfigurationResponse

Create a value of CreateInstanceAccessControlAttributeConfigurationResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:httpStatus:CreateInstanceAccessControlAttributeConfigurationResponse', createInstanceAccessControlAttributeConfigurationResponse_httpStatus - The response's http status code.

Response Lenses

createInstanceAccessControlAttributeConfigurationResponse_httpStatus :: Lens' CreateInstanceAccessControlAttributeConfigurationResponse Int Source #

The response's http status code.