Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
- Service Configuration
- Errors
- Waiters
- Operations
- AttachCustomerManagedPolicyReferenceToPermissionSet
- AttachManagedPolicyToPermissionSet
- CreateAccountAssignment
- CreateInstanceAccessControlAttributeConfiguration
- CreatePermissionSet
- DeleteAccountAssignment
- DeleteInlinePolicyFromPermissionSet
- DeleteInstanceAccessControlAttributeConfiguration
- DeletePermissionSet
- DeletePermissionsBoundaryFromPermissionSet
- DescribeAccountAssignmentCreationStatus
- DescribeAccountAssignmentDeletionStatus
- DescribeInstanceAccessControlAttributeConfiguration
- DescribePermissionSet
- DescribePermissionSetProvisioningStatus
- DetachCustomerManagedPolicyReferenceFromPermissionSet
- DetachManagedPolicyFromPermissionSet
- GetInlinePolicyForPermissionSet
- GetPermissionsBoundaryForPermissionSet
- ListAccountAssignmentCreationStatus (Paginated)
- ListAccountAssignmentDeletionStatus (Paginated)
- ListAccountAssignments (Paginated)
- ListAccountsForProvisionedPermissionSet (Paginated)
- ListCustomerManagedPolicyReferencesInPermissionSet (Paginated)
- ListInstances (Paginated)
- ListManagedPoliciesInPermissionSet (Paginated)
- ListPermissionSetProvisioningStatus (Paginated)
- ListPermissionSets (Paginated)
- ListPermissionSetsProvisionedToAccount (Paginated)
- ListTagsForResource (Paginated)
- ProvisionPermissionSet
- PutInlinePolicyToPermissionSet
- PutPermissionsBoundaryToPermissionSet
- TagResource
- UntagResource
- UpdateInstanceAccessControlAttributeConfiguration
- UpdatePermissionSet
- Types
- InstanceAccessControlAttributeConfigurationStatus
- PrincipalType
- ProvisionTargetType
- ProvisioningStatus
- StatusValues
- TargetType
- AccessControlAttribute
- AccessControlAttributeValue
- AccountAssignment
- AccountAssignmentOperationStatus
- AccountAssignmentOperationStatusMetadata
- AttachedManagedPolicy
- CustomerManagedPolicyReference
- InstanceAccessControlAttributeConfiguration
- InstanceMetadata
- OperationStatusFilter
- PermissionSet
- PermissionSetProvisioningStatus
- PermissionSetProvisioningStatusMetadata
- PermissionsBoundary
- Tag
Derived from API version 2020-07-20
of the AWS service descriptions, licensed under Apache 2.0.
AWS IAM Identity Center (successor to AWS Single Sign-On) helps you securely create, or connect, your workforce identities and manage their access centrally across AWS accounts and applications. IAM Identity Center is the recommended approach for workforce authentication and authorization in AWS, for organizations of any size and type.
Although AWS Single Sign-On was renamed, the sso
and identitystore
API namespaces will continue to retain their original name for backward
compatibility purposes. For more information, see
IAM Identity Center rename.
This reference guide provides information on single sign-on operations which could be used for access management of AWS accounts. For information about IAM Identity Center features, see the IAM Identity Center User Guide.
Many operations in the IAM Identity Center APIs rely on identifiers for users and groups, known as principals. For more information about how to work with principals and principal IDs in IAM Identity Center, see the Identity Store API Reference.
AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .Net, iOS, Android, and more). The SDKs provide a convenient way to create programmatic access to IAM Identity Center and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services.
Synopsis
- defaultService :: Service
- _AccessDeniedException :: AsError a => Fold a ServiceError
- _ConflictException :: AsError a => Fold a ServiceError
- _InternalServerException :: AsError a => Fold a ServiceError
- _ResourceNotFoundException :: AsError a => Fold a ServiceError
- _ServiceQuotaExceededException :: AsError a => Fold a ServiceError
- _ThrottlingException :: AsError a => Fold a ServiceError
- _ValidationException :: AsError a => Fold a ServiceError
- data AttachCustomerManagedPolicyReferenceToPermissionSet = AttachCustomerManagedPolicyReferenceToPermissionSet' Text Text CustomerManagedPolicyReference
- newAttachCustomerManagedPolicyReferenceToPermissionSet :: Text -> Text -> CustomerManagedPolicyReference -> AttachCustomerManagedPolicyReferenceToPermissionSet
- data AttachCustomerManagedPolicyReferenceToPermissionSetResponse = AttachCustomerManagedPolicyReferenceToPermissionSetResponse' Int
- newAttachCustomerManagedPolicyReferenceToPermissionSetResponse :: Int -> AttachCustomerManagedPolicyReferenceToPermissionSetResponse
- data AttachManagedPolicyToPermissionSet = AttachManagedPolicyToPermissionSet' Text Text Text
- newAttachManagedPolicyToPermissionSet :: Text -> Text -> Text -> AttachManagedPolicyToPermissionSet
- data AttachManagedPolicyToPermissionSetResponse = AttachManagedPolicyToPermissionSetResponse' Int
- newAttachManagedPolicyToPermissionSetResponse :: Int -> AttachManagedPolicyToPermissionSetResponse
- data CreateAccountAssignment = CreateAccountAssignment' Text Text TargetType Text PrincipalType Text
- newCreateAccountAssignment :: Text -> Text -> TargetType -> Text -> PrincipalType -> Text -> CreateAccountAssignment
- data CreateAccountAssignmentResponse = CreateAccountAssignmentResponse' (Maybe AccountAssignmentOperationStatus) Int
- newCreateAccountAssignmentResponse :: Int -> CreateAccountAssignmentResponse
- data CreateInstanceAccessControlAttributeConfiguration = CreateInstanceAccessControlAttributeConfiguration' Text InstanceAccessControlAttributeConfiguration
- newCreateInstanceAccessControlAttributeConfiguration :: Text -> InstanceAccessControlAttributeConfiguration -> CreateInstanceAccessControlAttributeConfiguration
- data CreateInstanceAccessControlAttributeConfigurationResponse = CreateInstanceAccessControlAttributeConfigurationResponse' Int
- newCreateInstanceAccessControlAttributeConfigurationResponse :: Int -> CreateInstanceAccessControlAttributeConfigurationResponse
- data CreatePermissionSet = CreatePermissionSet' (Maybe Text) (Maybe Text) (Maybe Text) (Maybe [Tag]) Text Text
- newCreatePermissionSet :: Text -> Text -> CreatePermissionSet
- data CreatePermissionSetResponse = CreatePermissionSetResponse' (Maybe PermissionSet) Int
- newCreatePermissionSetResponse :: Int -> CreatePermissionSetResponse
- data DeleteAccountAssignment = DeleteAccountAssignment' Text Text TargetType Text PrincipalType Text
- newDeleteAccountAssignment :: Text -> Text -> TargetType -> Text -> PrincipalType -> Text -> DeleteAccountAssignment
- data DeleteAccountAssignmentResponse = DeleteAccountAssignmentResponse' (Maybe AccountAssignmentOperationStatus) Int
- newDeleteAccountAssignmentResponse :: Int -> DeleteAccountAssignmentResponse
- data DeleteInlinePolicyFromPermissionSet = DeleteInlinePolicyFromPermissionSet' Text Text
- newDeleteInlinePolicyFromPermissionSet :: Text -> Text -> DeleteInlinePolicyFromPermissionSet
- data DeleteInlinePolicyFromPermissionSetResponse = DeleteInlinePolicyFromPermissionSetResponse' Int
- newDeleteInlinePolicyFromPermissionSetResponse :: Int -> DeleteInlinePolicyFromPermissionSetResponse
- data DeleteInstanceAccessControlAttributeConfiguration = DeleteInstanceAccessControlAttributeConfiguration' Text
- newDeleteInstanceAccessControlAttributeConfiguration :: Text -> DeleteInstanceAccessControlAttributeConfiguration
- data DeleteInstanceAccessControlAttributeConfigurationResponse = DeleteInstanceAccessControlAttributeConfigurationResponse' Int
- newDeleteInstanceAccessControlAttributeConfigurationResponse :: Int -> DeleteInstanceAccessControlAttributeConfigurationResponse
- data DeletePermissionSet = DeletePermissionSet' Text Text
- newDeletePermissionSet :: Text -> Text -> DeletePermissionSet
- data DeletePermissionSetResponse = DeletePermissionSetResponse' Int
- newDeletePermissionSetResponse :: Int -> DeletePermissionSetResponse
- data DeletePermissionsBoundaryFromPermissionSet = DeletePermissionsBoundaryFromPermissionSet' Text Text
- newDeletePermissionsBoundaryFromPermissionSet :: Text -> Text -> DeletePermissionsBoundaryFromPermissionSet
- data DeletePermissionsBoundaryFromPermissionSetResponse = DeletePermissionsBoundaryFromPermissionSetResponse' Int
- newDeletePermissionsBoundaryFromPermissionSetResponse :: Int -> DeletePermissionsBoundaryFromPermissionSetResponse
- data DescribeAccountAssignmentCreationStatus = DescribeAccountAssignmentCreationStatus' Text Text
- newDescribeAccountAssignmentCreationStatus :: Text -> Text -> DescribeAccountAssignmentCreationStatus
- data DescribeAccountAssignmentCreationStatusResponse = DescribeAccountAssignmentCreationStatusResponse' (Maybe AccountAssignmentOperationStatus) Int
- newDescribeAccountAssignmentCreationStatusResponse :: Int -> DescribeAccountAssignmentCreationStatusResponse
- data DescribeAccountAssignmentDeletionStatus = DescribeAccountAssignmentDeletionStatus' Text Text
- newDescribeAccountAssignmentDeletionStatus :: Text -> Text -> DescribeAccountAssignmentDeletionStatus
- data DescribeAccountAssignmentDeletionStatusResponse = DescribeAccountAssignmentDeletionStatusResponse' (Maybe AccountAssignmentOperationStatus) Int
- newDescribeAccountAssignmentDeletionStatusResponse :: Int -> DescribeAccountAssignmentDeletionStatusResponse
- data DescribeInstanceAccessControlAttributeConfiguration = DescribeInstanceAccessControlAttributeConfiguration' Text
- newDescribeInstanceAccessControlAttributeConfiguration :: Text -> DescribeInstanceAccessControlAttributeConfiguration
- data DescribeInstanceAccessControlAttributeConfigurationResponse = DescribeInstanceAccessControlAttributeConfigurationResponse' (Maybe InstanceAccessControlAttributeConfiguration) (Maybe InstanceAccessControlAttributeConfigurationStatus) (Maybe Text) Int
- newDescribeInstanceAccessControlAttributeConfigurationResponse :: Int -> DescribeInstanceAccessControlAttributeConfigurationResponse
- data DescribePermissionSet = DescribePermissionSet' Text Text
- newDescribePermissionSet :: Text -> Text -> DescribePermissionSet
- data DescribePermissionSetResponse = DescribePermissionSetResponse' (Maybe PermissionSet) Int
- newDescribePermissionSetResponse :: Int -> DescribePermissionSetResponse
- data DescribePermissionSetProvisioningStatus = DescribePermissionSetProvisioningStatus' Text Text
- newDescribePermissionSetProvisioningStatus :: Text -> Text -> DescribePermissionSetProvisioningStatus
- data DescribePermissionSetProvisioningStatusResponse = DescribePermissionSetProvisioningStatusResponse' (Maybe PermissionSetProvisioningStatus) Int
- newDescribePermissionSetProvisioningStatusResponse :: Int -> DescribePermissionSetProvisioningStatusResponse
- data DetachCustomerManagedPolicyReferenceFromPermissionSet = DetachCustomerManagedPolicyReferenceFromPermissionSet' Text Text CustomerManagedPolicyReference
- newDetachCustomerManagedPolicyReferenceFromPermissionSet :: Text -> Text -> CustomerManagedPolicyReference -> DetachCustomerManagedPolicyReferenceFromPermissionSet
- data DetachCustomerManagedPolicyReferenceFromPermissionSetResponse = DetachCustomerManagedPolicyReferenceFromPermissionSetResponse' Int
- newDetachCustomerManagedPolicyReferenceFromPermissionSetResponse :: Int -> DetachCustomerManagedPolicyReferenceFromPermissionSetResponse
- data DetachManagedPolicyFromPermissionSet = DetachManagedPolicyFromPermissionSet' Text Text Text
- newDetachManagedPolicyFromPermissionSet :: Text -> Text -> Text -> DetachManagedPolicyFromPermissionSet
- data DetachManagedPolicyFromPermissionSetResponse = DetachManagedPolicyFromPermissionSetResponse' Int
- newDetachManagedPolicyFromPermissionSetResponse :: Int -> DetachManagedPolicyFromPermissionSetResponse
- data GetInlinePolicyForPermissionSet = GetInlinePolicyForPermissionSet' Text Text
- newGetInlinePolicyForPermissionSet :: Text -> Text -> GetInlinePolicyForPermissionSet
- data GetInlinePolicyForPermissionSetResponse = GetInlinePolicyForPermissionSetResponse' (Maybe Text) Int
- newGetInlinePolicyForPermissionSetResponse :: Int -> GetInlinePolicyForPermissionSetResponse
- data GetPermissionsBoundaryForPermissionSet = GetPermissionsBoundaryForPermissionSet' Text Text
- newGetPermissionsBoundaryForPermissionSet :: Text -> Text -> GetPermissionsBoundaryForPermissionSet
- data GetPermissionsBoundaryForPermissionSetResponse = GetPermissionsBoundaryForPermissionSetResponse' (Maybe PermissionsBoundary) Int
- newGetPermissionsBoundaryForPermissionSetResponse :: Int -> GetPermissionsBoundaryForPermissionSetResponse
- data ListAccountAssignmentCreationStatus = ListAccountAssignmentCreationStatus' (Maybe OperationStatusFilter) (Maybe Natural) (Maybe Text) Text
- newListAccountAssignmentCreationStatus :: Text -> ListAccountAssignmentCreationStatus
- data ListAccountAssignmentCreationStatusResponse = ListAccountAssignmentCreationStatusResponse' (Maybe [AccountAssignmentOperationStatusMetadata]) (Maybe Text) Int
- newListAccountAssignmentCreationStatusResponse :: Int -> ListAccountAssignmentCreationStatusResponse
- data ListAccountAssignmentDeletionStatus = ListAccountAssignmentDeletionStatus' (Maybe OperationStatusFilter) (Maybe Natural) (Maybe Text) Text
- newListAccountAssignmentDeletionStatus :: Text -> ListAccountAssignmentDeletionStatus
- data ListAccountAssignmentDeletionStatusResponse = ListAccountAssignmentDeletionStatusResponse' (Maybe [AccountAssignmentOperationStatusMetadata]) (Maybe Text) Int
- newListAccountAssignmentDeletionStatusResponse :: Int -> ListAccountAssignmentDeletionStatusResponse
- data ListAccountAssignments = ListAccountAssignments' (Maybe Natural) (Maybe Text) Text Text Text
- newListAccountAssignments :: Text -> Text -> Text -> ListAccountAssignments
- data ListAccountAssignmentsResponse = ListAccountAssignmentsResponse' (Maybe [AccountAssignment]) (Maybe Text) Int
- newListAccountAssignmentsResponse :: Int -> ListAccountAssignmentsResponse
- data ListAccountsForProvisionedPermissionSet = ListAccountsForProvisionedPermissionSet' (Maybe Natural) (Maybe Text) (Maybe ProvisioningStatus) Text Text
- newListAccountsForProvisionedPermissionSet :: Text -> Text -> ListAccountsForProvisionedPermissionSet
- data ListAccountsForProvisionedPermissionSetResponse = ListAccountsForProvisionedPermissionSetResponse' (Maybe [Text]) (Maybe Text) Int
- newListAccountsForProvisionedPermissionSetResponse :: Int -> ListAccountsForProvisionedPermissionSetResponse
- data ListCustomerManagedPolicyReferencesInPermissionSet = ListCustomerManagedPolicyReferencesInPermissionSet' (Maybe Natural) (Maybe Text) Text Text
- newListCustomerManagedPolicyReferencesInPermissionSet :: Text -> Text -> ListCustomerManagedPolicyReferencesInPermissionSet
- data ListCustomerManagedPolicyReferencesInPermissionSetResponse = ListCustomerManagedPolicyReferencesInPermissionSetResponse' (Maybe [CustomerManagedPolicyReference]) (Maybe Text) Int
- newListCustomerManagedPolicyReferencesInPermissionSetResponse :: Int -> ListCustomerManagedPolicyReferencesInPermissionSetResponse
- data ListInstances = ListInstances' (Maybe Natural) (Maybe Text)
- newListInstances :: ListInstances
- data ListInstancesResponse = ListInstancesResponse' (Maybe [InstanceMetadata]) (Maybe Text) Int
- newListInstancesResponse :: Int -> ListInstancesResponse
- data ListManagedPoliciesInPermissionSet = ListManagedPoliciesInPermissionSet' (Maybe Natural) (Maybe Text) Text Text
- newListManagedPoliciesInPermissionSet :: Text -> Text -> ListManagedPoliciesInPermissionSet
- data ListManagedPoliciesInPermissionSetResponse = ListManagedPoliciesInPermissionSetResponse' (Maybe [AttachedManagedPolicy]) (Maybe Text) Int
- newListManagedPoliciesInPermissionSetResponse :: Int -> ListManagedPoliciesInPermissionSetResponse
- data ListPermissionSetProvisioningStatus = ListPermissionSetProvisioningStatus' (Maybe OperationStatusFilter) (Maybe Natural) (Maybe Text) Text
- newListPermissionSetProvisioningStatus :: Text -> ListPermissionSetProvisioningStatus
- data ListPermissionSetProvisioningStatusResponse = ListPermissionSetProvisioningStatusResponse' (Maybe Text) (Maybe [PermissionSetProvisioningStatusMetadata]) Int
- newListPermissionSetProvisioningStatusResponse :: Int -> ListPermissionSetProvisioningStatusResponse
- data ListPermissionSets = ListPermissionSets' (Maybe Natural) (Maybe Text) Text
- newListPermissionSets :: Text -> ListPermissionSets
- data ListPermissionSetsResponse = ListPermissionSetsResponse' (Maybe Text) (Maybe [Text]) Int
- newListPermissionSetsResponse :: Int -> ListPermissionSetsResponse
- data ListPermissionSetsProvisionedToAccount = ListPermissionSetsProvisionedToAccount' (Maybe Natural) (Maybe Text) (Maybe ProvisioningStatus) Text Text
- newListPermissionSetsProvisionedToAccount :: Text -> Text -> ListPermissionSetsProvisionedToAccount
- data ListPermissionSetsProvisionedToAccountResponse = ListPermissionSetsProvisionedToAccountResponse' (Maybe Text) (Maybe [Text]) Int
- newListPermissionSetsProvisionedToAccountResponse :: Int -> ListPermissionSetsProvisionedToAccountResponse
- data ListTagsForResource = ListTagsForResource' (Maybe Text) Text Text
- newListTagsForResource :: Text -> Text -> ListTagsForResource
- data ListTagsForResourceResponse = ListTagsForResourceResponse' (Maybe Text) (Maybe [Tag]) Int
- newListTagsForResourceResponse :: Int -> ListTagsForResourceResponse
- data ProvisionPermissionSet = ProvisionPermissionSet' (Maybe Text) Text Text ProvisionTargetType
- newProvisionPermissionSet :: Text -> Text -> ProvisionTargetType -> ProvisionPermissionSet
- data ProvisionPermissionSetResponse = ProvisionPermissionSetResponse' (Maybe PermissionSetProvisioningStatus) Int
- newProvisionPermissionSetResponse :: Int -> ProvisionPermissionSetResponse
- data PutInlinePolicyToPermissionSet = PutInlinePolicyToPermissionSet' Text Text Text
- newPutInlinePolicyToPermissionSet :: Text -> Text -> Text -> PutInlinePolicyToPermissionSet
- data PutInlinePolicyToPermissionSetResponse = PutInlinePolicyToPermissionSetResponse' Int
- newPutInlinePolicyToPermissionSetResponse :: Int -> PutInlinePolicyToPermissionSetResponse
- data PutPermissionsBoundaryToPermissionSet = PutPermissionsBoundaryToPermissionSet' Text Text PermissionsBoundary
- newPutPermissionsBoundaryToPermissionSet :: Text -> Text -> PermissionsBoundary -> PutPermissionsBoundaryToPermissionSet
- data PutPermissionsBoundaryToPermissionSetResponse = PutPermissionsBoundaryToPermissionSetResponse' Int
- newPutPermissionsBoundaryToPermissionSetResponse :: Int -> PutPermissionsBoundaryToPermissionSetResponse
- data TagResource = TagResource' Text Text [Tag]
- newTagResource :: Text -> Text -> TagResource
- data TagResourceResponse = TagResourceResponse' Int
- newTagResourceResponse :: Int -> TagResourceResponse
- data UntagResource = UntagResource' Text Text (NonEmpty Text)
- newUntagResource :: Text -> Text -> NonEmpty Text -> UntagResource
- data UntagResourceResponse = UntagResourceResponse' Int
- newUntagResourceResponse :: Int -> UntagResourceResponse
- data UpdateInstanceAccessControlAttributeConfiguration = UpdateInstanceAccessControlAttributeConfiguration' Text InstanceAccessControlAttributeConfiguration
- newUpdateInstanceAccessControlAttributeConfiguration :: Text -> InstanceAccessControlAttributeConfiguration -> UpdateInstanceAccessControlAttributeConfiguration
- data UpdateInstanceAccessControlAttributeConfigurationResponse = UpdateInstanceAccessControlAttributeConfigurationResponse' Int
- newUpdateInstanceAccessControlAttributeConfigurationResponse :: Int -> UpdateInstanceAccessControlAttributeConfigurationResponse
- data UpdatePermissionSet = UpdatePermissionSet' (Maybe Text) (Maybe Text) (Maybe Text) Text Text
- newUpdatePermissionSet :: Text -> Text -> UpdatePermissionSet
- data UpdatePermissionSetResponse = UpdatePermissionSetResponse' Int
- newUpdatePermissionSetResponse :: Int -> UpdatePermissionSetResponse
- newtype InstanceAccessControlAttributeConfigurationStatus where
- InstanceAccessControlAttributeConfigurationStatus' { }
- pattern InstanceAccessControlAttributeConfigurationStatus_CREATION_FAILED :: InstanceAccessControlAttributeConfigurationStatus
- pattern InstanceAccessControlAttributeConfigurationStatus_CREATION_IN_PROGRESS :: InstanceAccessControlAttributeConfigurationStatus
- pattern InstanceAccessControlAttributeConfigurationStatus_ENABLED :: InstanceAccessControlAttributeConfigurationStatus
- newtype PrincipalType where
- PrincipalType' { }
- pattern PrincipalType_GROUP :: PrincipalType
- pattern PrincipalType_USER :: PrincipalType
- newtype ProvisionTargetType where
- newtype ProvisioningStatus where
- newtype StatusValues where
- StatusValues' { }
- pattern StatusValues_FAILED :: StatusValues
- pattern StatusValues_IN_PROGRESS :: StatusValues
- pattern StatusValues_SUCCEEDED :: StatusValues
- newtype TargetType where
- TargetType' { }
- pattern TargetType_AWS_ACCOUNT :: TargetType
- data AccessControlAttribute = AccessControlAttribute' Text AccessControlAttributeValue
- newAccessControlAttribute :: Text -> AccessControlAttributeValue -> AccessControlAttribute
- data AccessControlAttributeValue = AccessControlAttributeValue' (NonEmpty Text)
- newAccessControlAttributeValue :: NonEmpty Text -> AccessControlAttributeValue
- data AccountAssignment = AccountAssignment' (Maybe Text) (Maybe Text) (Maybe Text) (Maybe PrincipalType)
- newAccountAssignment :: AccountAssignment
- data AccountAssignmentOperationStatus = AccountAssignmentOperationStatus' (Maybe POSIX) (Maybe Text) (Maybe Text) (Maybe Text) (Maybe PrincipalType) (Maybe Text) (Maybe StatusValues) (Maybe Text) (Maybe TargetType)
- newAccountAssignmentOperationStatus :: AccountAssignmentOperationStatus
- data AccountAssignmentOperationStatusMetadata = AccountAssignmentOperationStatusMetadata' (Maybe POSIX) (Maybe Text) (Maybe StatusValues)
- newAccountAssignmentOperationStatusMetadata :: AccountAssignmentOperationStatusMetadata
- data AttachedManagedPolicy = AttachedManagedPolicy' (Maybe Text) (Maybe Text)
- newAttachedManagedPolicy :: AttachedManagedPolicy
- data CustomerManagedPolicyReference = CustomerManagedPolicyReference' (Maybe Text) Text
- newCustomerManagedPolicyReference :: Text -> CustomerManagedPolicyReference
- data InstanceAccessControlAttributeConfiguration = InstanceAccessControlAttributeConfiguration' [AccessControlAttribute]
- newInstanceAccessControlAttributeConfiguration :: InstanceAccessControlAttributeConfiguration
- data InstanceMetadata = InstanceMetadata' (Maybe Text) (Maybe Text)
- newInstanceMetadata :: InstanceMetadata
- data OperationStatusFilter = OperationStatusFilter' (Maybe StatusValues)
- newOperationStatusFilter :: OperationStatusFilter
- data PermissionSet = PermissionSet' (Maybe POSIX) (Maybe Text) (Maybe Text) (Maybe Text) (Maybe Text) (Maybe Text)
- newPermissionSet :: PermissionSet
- data PermissionSetProvisioningStatus = PermissionSetProvisioningStatus' (Maybe Text) (Maybe POSIX) (Maybe Text) (Maybe Text) (Maybe Text) (Maybe StatusValues)
- newPermissionSetProvisioningStatus :: PermissionSetProvisioningStatus
- data PermissionSetProvisioningStatusMetadata = PermissionSetProvisioningStatusMetadata' (Maybe POSIX) (Maybe Text) (Maybe StatusValues)
- newPermissionSetProvisioningStatusMetadata :: PermissionSetProvisioningStatusMetadata
- data PermissionsBoundary = PermissionsBoundary' (Maybe CustomerManagedPolicyReference) (Maybe Text)
- newPermissionsBoundary :: PermissionsBoundary
- data Tag = Tag' Text Text
- newTag :: Text -> Text -> Tag
Service Configuration
defaultService :: Service Source #
API version 2020-07-20
of the Amazon Single Sign-On Admin SDK configuration.
Errors
Error matchers are designed for use with the functions provided by
Control.Exception.Lens.
This allows catching (and rethrowing) service specific errors returned
by SSOAdmin
.
AccessDeniedException
_AccessDeniedException :: AsError a => Fold a ServiceError Source #
You do not have sufficient access to perform this action.
ConflictException
_ConflictException :: AsError a => Fold a ServiceError Source #
Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.
InternalServerException
_InternalServerException :: AsError a => Fold a ServiceError Source #
The request processing has failed because of an unknown error, exception, or failure with an internal server.
ResourceNotFoundException
_ResourceNotFoundException :: AsError a => Fold a ServiceError Source #
Indicates that a requested resource is not found.
ServiceQuotaExceededException
_ServiceQuotaExceededException :: AsError a => Fold a ServiceError Source #
Indicates that the principal has crossed the permitted number of resources that can be created.
ThrottlingException
_ThrottlingException :: AsError a => Fold a ServiceError Source #
Indicates that the principal has crossed the throttling limits of the API operations.
ValidationException
_ValidationException :: AsError a => Fold a ServiceError Source #
The request failed because it contains a syntax error.
Waiters
Waiters poll by repeatedly sending a request until some remote success condition
configured by the Wait
specification is fulfilled. The Wait
specification
determines how many attempts should be made, in addition to delay and retry strategies.
Operations
Some AWS operations return results that are incomplete and require subsequent
requests in order to obtain the entire result set. The process of sending
subsequent requests to continue where a previous request left off is called
pagination. For example, the ListObjects
operation of Amazon S3 returns up to
1000 objects at a time, and you must send subsequent requests with the
appropriate Marker in order to retrieve the next page of results.
Operations that have an AWSPager
instance can transparently perform subsequent
requests, correctly setting Markers and other request facets to iterate through
the entire result set of a truncated API operation. Operations which support
this have an additional note in the documentation.
Many operations have the ability to filter results on the server side. See the individual operation parameters for details.
AttachCustomerManagedPolicyReferenceToPermissionSet
data AttachCustomerManagedPolicyReferenceToPermissionSet Source #
See: newAttachCustomerManagedPolicyReferenceToPermissionSet
smart constructor.
Instances
newAttachCustomerManagedPolicyReferenceToPermissionSet Source #
:: Text | |
-> Text | |
-> CustomerManagedPolicyReference | |
-> AttachCustomerManagedPolicyReferenceToPermissionSet |
Create a value of AttachCustomerManagedPolicyReferenceToPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
AttachCustomerManagedPolicyReferenceToPermissionSet
, attachCustomerManagedPolicyReferenceToPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
AttachCustomerManagedPolicyReferenceToPermissionSet
, attachCustomerManagedPolicyReferenceToPermissionSet_permissionSetArn
- The ARN of the PermissionSet
.
AttachCustomerManagedPolicyReferenceToPermissionSet
, attachCustomerManagedPolicyReferenceToPermissionSet_customerManagedPolicyReference
- Specifies the name and path of a customer managed policy. You must have
an IAM policy that matches the name and path in each AWS account where
you want to deploy your permission set.
data AttachCustomerManagedPolicyReferenceToPermissionSetResponse Source #
See: newAttachCustomerManagedPolicyReferenceToPermissionSetResponse
smart constructor.
Instances
newAttachCustomerManagedPolicyReferenceToPermissionSetResponse Source #
:: Int |
|
-> AttachCustomerManagedPolicyReferenceToPermissionSetResponse |
Create a value of AttachCustomerManagedPolicyReferenceToPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:AttachCustomerManagedPolicyReferenceToPermissionSetResponse'
, attachCustomerManagedPolicyReferenceToPermissionSetResponse_httpStatus
- The response's http status code.
AttachManagedPolicyToPermissionSet
data AttachManagedPolicyToPermissionSet Source #
See: newAttachManagedPolicyToPermissionSet
smart constructor.
Instances
newAttachManagedPolicyToPermissionSet Source #
:: Text | |
-> Text | |
-> Text | |
-> AttachManagedPolicyToPermissionSet |
Create a value of AttachManagedPolicyToPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
AttachManagedPolicyToPermissionSet
, attachManagedPolicyToPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
AttachManagedPolicyToPermissionSet
, attachManagedPolicyToPermissionSet_permissionSetArn
- The ARN of the PermissionSet that the managed policy should be attached
to.
AttachManagedPolicyToPermissionSet
, attachManagedPolicyToPermissionSet_managedPolicyArn
- The AWS managed policy ARN to be attached to a permission set.
data AttachManagedPolicyToPermissionSetResponse Source #
See: newAttachManagedPolicyToPermissionSetResponse
smart constructor.
Instances
Generic AttachManagedPolicyToPermissionSetResponse Source # | |
Defined in Amazonka.SSOAdmin.AttachManagedPolicyToPermissionSet type Rep AttachManagedPolicyToPermissionSetResponse :: Type -> Type # | |
Read AttachManagedPolicyToPermissionSetResponse Source # | |
Show AttachManagedPolicyToPermissionSetResponse Source # | |
NFData AttachManagedPolicyToPermissionSetResponse Source # | |
Eq AttachManagedPolicyToPermissionSetResponse Source # | |
type Rep AttachManagedPolicyToPermissionSetResponse Source # | |
Defined in Amazonka.SSOAdmin.AttachManagedPolicyToPermissionSet type Rep AttachManagedPolicyToPermissionSetResponse = D1 ('MetaData "AttachManagedPolicyToPermissionSetResponse" "Amazonka.SSOAdmin.AttachManagedPolicyToPermissionSet" "amazonka-sso-admin-2.0-HhKPJAnDdA18B4mnMjNqZF" 'False) (C1 ('MetaCons "AttachManagedPolicyToPermissionSetResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int))) |
newAttachManagedPolicyToPermissionSetResponse Source #
Create a value of AttachManagedPolicyToPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:AttachManagedPolicyToPermissionSetResponse'
, attachManagedPolicyToPermissionSetResponse_httpStatus
- The response's http status code.
CreateAccountAssignment
data CreateAccountAssignment Source #
See: newCreateAccountAssignment
smart constructor.
Instances
newCreateAccountAssignment Source #
:: Text | |
-> Text | |
-> TargetType | |
-> Text | |
-> PrincipalType | |
-> Text | |
-> CreateAccountAssignment |
Create a value of CreateAccountAssignment
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
CreateAccountAssignment
, createAccountAssignment_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
CreateAccountAssignment
, createAccountAssignment_targetId
- TargetID is an AWS account identifier, typically a 10-12 digit string
(For example, 123456789012).
CreateAccountAssignment
, createAccountAssignment_targetType
- The entity type for which the assignment will be created.
CreateAccountAssignment
, createAccountAssignment_permissionSetArn
- The ARN of the permission set that the admin wants to grant the
principal access to.
CreateAccountAssignment
, createAccountAssignment_principalType
- The entity type for which the assignment will be created.
CreateAccountAssignment
, createAccountAssignment_principalId
- An identifier for an object in IAM Identity Center, such as a user or
group. PrincipalIds are GUIDs (For example,
f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about
PrincipalIds in IAM Identity Center, see the
IAM Identity Center Identity Store API Reference.
data CreateAccountAssignmentResponse Source #
See: newCreateAccountAssignmentResponse
smart constructor.
Instances
newCreateAccountAssignmentResponse Source #
Create a value of CreateAccountAssignmentResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountAssignmentCreationStatus:CreateAccountAssignmentResponse'
, createAccountAssignmentResponse_accountAssignmentCreationStatus
- The status object for the account assignment creation operation.
$sel:httpStatus:CreateAccountAssignmentResponse'
, createAccountAssignmentResponse_httpStatus
- The response's http status code.
CreateInstanceAccessControlAttributeConfiguration
data CreateInstanceAccessControlAttributeConfiguration Source #
See: newCreateInstanceAccessControlAttributeConfiguration
smart constructor.
Instances
newCreateInstanceAccessControlAttributeConfiguration Source #
Create a value of CreateInstanceAccessControlAttributeConfiguration
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
CreateInstanceAccessControlAttributeConfiguration
, createInstanceAccessControlAttributeConfiguration_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
$sel:instanceAccessControlAttributeConfiguration:CreateInstanceAccessControlAttributeConfiguration'
, createInstanceAccessControlAttributeConfiguration_instanceAccessControlAttributeConfiguration
- Specifies the IAM Identity Center identity store attributes to add to
your ABAC configuration. When using an external identity provider as an
identity source, you can pass attributes through the SAML assertion.
Doing so provides an alternative to configuring attributes from the IAM
Identity Center identity store. If a SAML assertion passes any of these
attributes, IAM Identity Center will replace the attribute value with
the value from the IAM Identity Center identity store.
data CreateInstanceAccessControlAttributeConfigurationResponse Source #
See: newCreateInstanceAccessControlAttributeConfigurationResponse
smart constructor.
Instances
newCreateInstanceAccessControlAttributeConfigurationResponse Source #
:: Int |
|
-> CreateInstanceAccessControlAttributeConfigurationResponse |
Create a value of CreateInstanceAccessControlAttributeConfigurationResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:CreateInstanceAccessControlAttributeConfigurationResponse'
, createInstanceAccessControlAttributeConfigurationResponse_httpStatus
- The response's http status code.
CreatePermissionSet
data CreatePermissionSet Source #
See: newCreatePermissionSet
smart constructor.
Instances
newCreatePermissionSet Source #
Create a value of CreatePermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
CreatePermissionSet
, createPermissionSet_description
- The description of the PermissionSet.
CreatePermissionSet
, createPermissionSet_relayState
- Used to redirect users within the application during the federation
authentication process.
CreatePermissionSet
, createPermissionSet_sessionDuration
- The length of time that the application user sessions are valid in the
ISO-8601 standard.
$sel:tags:CreatePermissionSet'
, createPermissionSet_tags
- The tags to attach to the new PermissionSet.
CreatePermissionSet
, createPermissionSet_name
- The name of the PermissionSet.
CreatePermissionSet
, createPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
data CreatePermissionSetResponse Source #
See: newCreatePermissionSetResponse
smart constructor.
Instances
newCreatePermissionSetResponse Source #
Create a value of CreatePermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:permissionSet:CreatePermissionSetResponse'
, createPermissionSetResponse_permissionSet
- Defines the level of access on an AWS account.
$sel:httpStatus:CreatePermissionSetResponse'
, createPermissionSetResponse_httpStatus
- The response's http status code.
DeleteAccountAssignment
data DeleteAccountAssignment Source #
See: newDeleteAccountAssignment
smart constructor.
Instances
newDeleteAccountAssignment Source #
:: Text | |
-> Text | |
-> TargetType | |
-> Text | |
-> PrincipalType | |
-> Text | |
-> DeleteAccountAssignment |
Create a value of DeleteAccountAssignment
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DeleteAccountAssignment
, deleteAccountAssignment_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
DeleteAccountAssignment
, deleteAccountAssignment_targetId
- TargetID is an AWS account identifier, typically a 10-12 digit string
(For example, 123456789012).
DeleteAccountAssignment
, deleteAccountAssignment_targetType
- The entity type for which the assignment will be deleted.
DeleteAccountAssignment
, deleteAccountAssignment_permissionSetArn
- The ARN of the permission set that will be used to remove access.
DeleteAccountAssignment
, deleteAccountAssignment_principalType
- The entity type for which the assignment will be deleted.
DeleteAccountAssignment
, deleteAccountAssignment_principalId
- An identifier for an object in IAM Identity Center, such as a user or
group. PrincipalIds are GUIDs (For example,
f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about
PrincipalIds in IAM Identity Center, see the
IAM Identity Center Identity Store API Reference.
data DeleteAccountAssignmentResponse Source #
See: newDeleteAccountAssignmentResponse
smart constructor.
Instances
newDeleteAccountAssignmentResponse Source #
Create a value of DeleteAccountAssignmentResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountAssignmentDeletionStatus:DeleteAccountAssignmentResponse'
, deleteAccountAssignmentResponse_accountAssignmentDeletionStatus
- The status object for the account assignment deletion operation.
$sel:httpStatus:DeleteAccountAssignmentResponse'
, deleteAccountAssignmentResponse_httpStatus
- The response's http status code.
DeleteInlinePolicyFromPermissionSet
data DeleteInlinePolicyFromPermissionSet Source #
See: newDeleteInlinePolicyFromPermissionSet
smart constructor.
Instances
newDeleteInlinePolicyFromPermissionSet Source #
Create a value of DeleteInlinePolicyFromPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DeleteInlinePolicyFromPermissionSet
, deleteInlinePolicyFromPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
DeleteInlinePolicyFromPermissionSet
, deleteInlinePolicyFromPermissionSet_permissionSetArn
- The ARN of the permission set that will be used to remove access.
data DeleteInlinePolicyFromPermissionSetResponse Source #
See: newDeleteInlinePolicyFromPermissionSetResponse
smart constructor.
Instances
Generic DeleteInlinePolicyFromPermissionSetResponse Source # | |
Defined in Amazonka.SSOAdmin.DeleteInlinePolicyFromPermissionSet type Rep DeleteInlinePolicyFromPermissionSetResponse :: Type -> Type # | |
Read DeleteInlinePolicyFromPermissionSetResponse Source # | |
Show DeleteInlinePolicyFromPermissionSetResponse Source # | |
NFData DeleteInlinePolicyFromPermissionSetResponse Source # | |
Eq DeleteInlinePolicyFromPermissionSetResponse Source # | |
type Rep DeleteInlinePolicyFromPermissionSetResponse Source # | |
Defined in Amazonka.SSOAdmin.DeleteInlinePolicyFromPermissionSet type Rep DeleteInlinePolicyFromPermissionSetResponse = D1 ('MetaData "DeleteInlinePolicyFromPermissionSetResponse" "Amazonka.SSOAdmin.DeleteInlinePolicyFromPermissionSet" "amazonka-sso-admin-2.0-HhKPJAnDdA18B4mnMjNqZF" 'False) (C1 ('MetaCons "DeleteInlinePolicyFromPermissionSetResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int))) |
newDeleteInlinePolicyFromPermissionSetResponse Source #
:: Int |
|
-> DeleteInlinePolicyFromPermissionSetResponse |
Create a value of DeleteInlinePolicyFromPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:DeleteInlinePolicyFromPermissionSetResponse'
, deleteInlinePolicyFromPermissionSetResponse_httpStatus
- The response's http status code.
DeleteInstanceAccessControlAttributeConfiguration
data DeleteInstanceAccessControlAttributeConfiguration Source #
See: newDeleteInstanceAccessControlAttributeConfiguration
smart constructor.
Instances
newDeleteInstanceAccessControlAttributeConfiguration Source #
Create a value of DeleteInstanceAccessControlAttributeConfiguration
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DeleteInstanceAccessControlAttributeConfiguration
, deleteInstanceAccessControlAttributeConfiguration_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
data DeleteInstanceAccessControlAttributeConfigurationResponse Source #
See: newDeleteInstanceAccessControlAttributeConfigurationResponse
smart constructor.
Instances
newDeleteInstanceAccessControlAttributeConfigurationResponse Source #
:: Int |
|
-> DeleteInstanceAccessControlAttributeConfigurationResponse |
Create a value of DeleteInstanceAccessControlAttributeConfigurationResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:DeleteInstanceAccessControlAttributeConfigurationResponse'
, deleteInstanceAccessControlAttributeConfigurationResponse_httpStatus
- The response's http status code.
DeletePermissionSet
data DeletePermissionSet Source #
See: newDeletePermissionSet
smart constructor.
Instances
newDeletePermissionSet Source #
Create a value of DeletePermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DeletePermissionSet
, deletePermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
DeletePermissionSet
, deletePermissionSet_permissionSetArn
- The ARN of the permission set that should be deleted.
data DeletePermissionSetResponse Source #
See: newDeletePermissionSetResponse
smart constructor.
Instances
newDeletePermissionSetResponse Source #
Create a value of DeletePermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:DeletePermissionSetResponse'
, deletePermissionSetResponse_httpStatus
- The response's http status code.
DeletePermissionsBoundaryFromPermissionSet
data DeletePermissionsBoundaryFromPermissionSet Source #
See: newDeletePermissionsBoundaryFromPermissionSet
smart constructor.
Instances
newDeletePermissionsBoundaryFromPermissionSet Source #
Create a value of DeletePermissionsBoundaryFromPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DeletePermissionsBoundaryFromPermissionSet
, deletePermissionsBoundaryFromPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
DeletePermissionsBoundaryFromPermissionSet
, deletePermissionsBoundaryFromPermissionSet_permissionSetArn
- The ARN of the PermissionSet
.
data DeletePermissionsBoundaryFromPermissionSetResponse Source #
See: newDeletePermissionsBoundaryFromPermissionSetResponse
smart constructor.
Instances
newDeletePermissionsBoundaryFromPermissionSetResponse Source #
:: Int |
|
-> DeletePermissionsBoundaryFromPermissionSetResponse |
Create a value of DeletePermissionsBoundaryFromPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:DeletePermissionsBoundaryFromPermissionSetResponse'
, deletePermissionsBoundaryFromPermissionSetResponse_httpStatus
- The response's http status code.
DescribeAccountAssignmentCreationStatus
data DescribeAccountAssignmentCreationStatus Source #
See: newDescribeAccountAssignmentCreationStatus
smart constructor.
Instances
newDescribeAccountAssignmentCreationStatus Source #
:: Text | |
-> Text |
|
-> DescribeAccountAssignmentCreationStatus |
Create a value of DescribeAccountAssignmentCreationStatus
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DescribeAccountAssignmentCreationStatus
, describeAccountAssignmentCreationStatus_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:accountAssignmentCreationRequestId:DescribeAccountAssignmentCreationStatus'
, describeAccountAssignmentCreationStatus_accountAssignmentCreationRequestId
- The identifier that is used to track the request operation progress.
data DescribeAccountAssignmentCreationStatusResponse Source #
See: newDescribeAccountAssignmentCreationStatusResponse
smart constructor.
Instances
newDescribeAccountAssignmentCreationStatusResponse Source #
:: Int |
|
-> DescribeAccountAssignmentCreationStatusResponse |
Create a value of DescribeAccountAssignmentCreationStatusResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountAssignmentCreationStatus:DescribeAccountAssignmentCreationStatusResponse'
, describeAccountAssignmentCreationStatusResponse_accountAssignmentCreationStatus
- The status object for the account assignment creation operation.
$sel:httpStatus:DescribeAccountAssignmentCreationStatusResponse'
, describeAccountAssignmentCreationStatusResponse_httpStatus
- The response's http status code.
DescribeAccountAssignmentDeletionStatus
data DescribeAccountAssignmentDeletionStatus Source #
See: newDescribeAccountAssignmentDeletionStatus
smart constructor.
Instances
newDescribeAccountAssignmentDeletionStatus Source #
:: Text | |
-> Text |
|
-> DescribeAccountAssignmentDeletionStatus |
Create a value of DescribeAccountAssignmentDeletionStatus
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DescribeAccountAssignmentDeletionStatus
, describeAccountAssignmentDeletionStatus_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:accountAssignmentDeletionRequestId:DescribeAccountAssignmentDeletionStatus'
, describeAccountAssignmentDeletionStatus_accountAssignmentDeletionRequestId
- The identifier that is used to track the request operation progress.
data DescribeAccountAssignmentDeletionStatusResponse Source #
See: newDescribeAccountAssignmentDeletionStatusResponse
smart constructor.
Instances
newDescribeAccountAssignmentDeletionStatusResponse Source #
:: Int |
|
-> DescribeAccountAssignmentDeletionStatusResponse |
Create a value of DescribeAccountAssignmentDeletionStatusResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountAssignmentDeletionStatus:DescribeAccountAssignmentDeletionStatusResponse'
, describeAccountAssignmentDeletionStatusResponse_accountAssignmentDeletionStatus
- The status object for the account assignment deletion operation.
$sel:httpStatus:DescribeAccountAssignmentDeletionStatusResponse'
, describeAccountAssignmentDeletionStatusResponse_httpStatus
- The response's http status code.
DescribeInstanceAccessControlAttributeConfiguration
data DescribeInstanceAccessControlAttributeConfiguration Source #
See: newDescribeInstanceAccessControlAttributeConfiguration
smart constructor.
Instances
newDescribeInstanceAccessControlAttributeConfiguration Source #
Create a value of DescribeInstanceAccessControlAttributeConfiguration
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DescribeInstanceAccessControlAttributeConfiguration
, describeInstanceAccessControlAttributeConfiguration_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
data DescribeInstanceAccessControlAttributeConfigurationResponse Source #
See: newDescribeInstanceAccessControlAttributeConfigurationResponse
smart constructor.
DescribeInstanceAccessControlAttributeConfigurationResponse' (Maybe InstanceAccessControlAttributeConfiguration) (Maybe InstanceAccessControlAttributeConfigurationStatus) (Maybe Text) Int |
Instances
newDescribeInstanceAccessControlAttributeConfigurationResponse Source #
:: Int |
|
-> DescribeInstanceAccessControlAttributeConfigurationResponse |
Create a value of DescribeInstanceAccessControlAttributeConfigurationResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:instanceAccessControlAttributeConfiguration:DescribeInstanceAccessControlAttributeConfigurationResponse'
, describeInstanceAccessControlAttributeConfigurationResponse_instanceAccessControlAttributeConfiguration
- Gets the list of IAM Identity Center identity store attributes that have
been added to your ABAC configuration.
DescribeInstanceAccessControlAttributeConfigurationResponse
, describeInstanceAccessControlAttributeConfigurationResponse_status
- The status of the attribute configuration process.
$sel:statusReason:DescribeInstanceAccessControlAttributeConfigurationResponse'
, describeInstanceAccessControlAttributeConfigurationResponse_statusReason
- Provides more details about the current status of the specified
attribute.
$sel:httpStatus:DescribeInstanceAccessControlAttributeConfigurationResponse'
, describeInstanceAccessControlAttributeConfigurationResponse_httpStatus
- The response's http status code.
DescribePermissionSet
data DescribePermissionSet Source #
See: newDescribePermissionSet
smart constructor.
Instances
newDescribePermissionSet Source #
Create a value of DescribePermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DescribePermissionSet
, describePermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
DescribePermissionSet
, describePermissionSet_permissionSetArn
- The ARN of the permission set.
data DescribePermissionSetResponse Source #
See: newDescribePermissionSetResponse
smart constructor.
Instances
newDescribePermissionSetResponse Source #
Create a value of DescribePermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:permissionSet:DescribePermissionSetResponse'
, describePermissionSetResponse_permissionSet
- Describes the level of access on an AWS account.
$sel:httpStatus:DescribePermissionSetResponse'
, describePermissionSetResponse_httpStatus
- The response's http status code.
DescribePermissionSetProvisioningStatus
data DescribePermissionSetProvisioningStatus Source #
See: newDescribePermissionSetProvisioningStatus
smart constructor.
Instances
newDescribePermissionSetProvisioningStatus Source #
:: Text | |
-> Text |
|
-> DescribePermissionSetProvisioningStatus |
Create a value of DescribePermissionSetProvisioningStatus
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DescribePermissionSetProvisioningStatus
, describePermissionSetProvisioningStatus_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:provisionPermissionSetRequestId:DescribePermissionSetProvisioningStatus'
, describePermissionSetProvisioningStatus_provisionPermissionSetRequestId
- The identifier that is provided by the ProvisionPermissionSet call to
retrieve the current status of the provisioning workflow.
data DescribePermissionSetProvisioningStatusResponse Source #
See: newDescribePermissionSetProvisioningStatusResponse
smart constructor.
Instances
newDescribePermissionSetProvisioningStatusResponse Source #
:: Int |
|
-> DescribePermissionSetProvisioningStatusResponse |
Create a value of DescribePermissionSetProvisioningStatusResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:permissionSetProvisioningStatus:DescribePermissionSetProvisioningStatusResponse'
, describePermissionSetProvisioningStatusResponse_permissionSetProvisioningStatus
- The status object for the permission set provisioning operation.
$sel:httpStatus:DescribePermissionSetProvisioningStatusResponse'
, describePermissionSetProvisioningStatusResponse_httpStatus
- The response's http status code.
DetachCustomerManagedPolicyReferenceFromPermissionSet
data DetachCustomerManagedPolicyReferenceFromPermissionSet Source #
See: newDetachCustomerManagedPolicyReferenceFromPermissionSet
smart constructor.
Instances
newDetachCustomerManagedPolicyReferenceFromPermissionSet Source #
:: Text | |
-> Text | |
-> CustomerManagedPolicyReference | |
-> DetachCustomerManagedPolicyReferenceFromPermissionSet |
Create a value of DetachCustomerManagedPolicyReferenceFromPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DetachCustomerManagedPolicyReferenceFromPermissionSet
, detachCustomerManagedPolicyReferenceFromPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
DetachCustomerManagedPolicyReferenceFromPermissionSet
, detachCustomerManagedPolicyReferenceFromPermissionSet_permissionSetArn
- The ARN of the PermissionSet
.
DetachCustomerManagedPolicyReferenceFromPermissionSet
, detachCustomerManagedPolicyReferenceFromPermissionSet_customerManagedPolicyReference
- Specifies the name and path of a customer managed policy. You must have
an IAM policy that matches the name and path in each AWS account where
you want to deploy your permission set.
data DetachCustomerManagedPolicyReferenceFromPermissionSetResponse Source #
See: newDetachCustomerManagedPolicyReferenceFromPermissionSetResponse
smart constructor.
Instances
newDetachCustomerManagedPolicyReferenceFromPermissionSetResponse Source #
:: Int |
|
-> DetachCustomerManagedPolicyReferenceFromPermissionSetResponse |
Create a value of DetachCustomerManagedPolicyReferenceFromPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:DetachCustomerManagedPolicyReferenceFromPermissionSetResponse'
, detachCustomerManagedPolicyReferenceFromPermissionSetResponse_httpStatus
- The response's http status code.
DetachManagedPolicyFromPermissionSet
data DetachManagedPolicyFromPermissionSet Source #
See: newDetachManagedPolicyFromPermissionSet
smart constructor.
Instances
newDetachManagedPolicyFromPermissionSet Source #
:: Text | |
-> Text | |
-> Text | |
-> DetachManagedPolicyFromPermissionSet |
Create a value of DetachManagedPolicyFromPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
DetachManagedPolicyFromPermissionSet
, detachManagedPolicyFromPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
DetachManagedPolicyFromPermissionSet
, detachManagedPolicyFromPermissionSet_permissionSetArn
- The ARN of the PermissionSet from which the policy should be detached.
DetachManagedPolicyFromPermissionSet
, detachManagedPolicyFromPermissionSet_managedPolicyArn
- The AWS managed policy ARN to be detached from a permission set.
data DetachManagedPolicyFromPermissionSetResponse Source #
See: newDetachManagedPolicyFromPermissionSetResponse
smart constructor.
Instances
Generic DetachManagedPolicyFromPermissionSetResponse Source # | |
Read DetachManagedPolicyFromPermissionSetResponse Source # | |
Show DetachManagedPolicyFromPermissionSetResponse Source # | |
NFData DetachManagedPolicyFromPermissionSetResponse Source # | |
Eq DetachManagedPolicyFromPermissionSetResponse Source # | |
type Rep DetachManagedPolicyFromPermissionSetResponse Source # | |
Defined in Amazonka.SSOAdmin.DetachManagedPolicyFromPermissionSet type Rep DetachManagedPolicyFromPermissionSetResponse = D1 ('MetaData "DetachManagedPolicyFromPermissionSetResponse" "Amazonka.SSOAdmin.DetachManagedPolicyFromPermissionSet" "amazonka-sso-admin-2.0-HhKPJAnDdA18B4mnMjNqZF" 'False) (C1 ('MetaCons "DetachManagedPolicyFromPermissionSetResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int))) |
newDetachManagedPolicyFromPermissionSetResponse Source #
:: Int |
|
-> DetachManagedPolicyFromPermissionSetResponse |
Create a value of DetachManagedPolicyFromPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:DetachManagedPolicyFromPermissionSetResponse'
, detachManagedPolicyFromPermissionSetResponse_httpStatus
- The response's http status code.
GetInlinePolicyForPermissionSet
data GetInlinePolicyForPermissionSet Source #
See: newGetInlinePolicyForPermissionSet
smart constructor.
Instances
newGetInlinePolicyForPermissionSet Source #
Create a value of GetInlinePolicyForPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
GetInlinePolicyForPermissionSet
, getInlinePolicyForPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
GetInlinePolicyForPermissionSet
, getInlinePolicyForPermissionSet_permissionSetArn
- The ARN of the permission set.
data GetInlinePolicyForPermissionSetResponse Source #
See: newGetInlinePolicyForPermissionSetResponse
smart constructor.
Instances
newGetInlinePolicyForPermissionSetResponse Source #
Create a value of GetInlinePolicyForPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:inlinePolicy:GetInlinePolicyForPermissionSetResponse'
, getInlinePolicyForPermissionSetResponse_inlinePolicy
- The inline policy that is attached to the permission set.
$sel:httpStatus:GetInlinePolicyForPermissionSetResponse'
, getInlinePolicyForPermissionSetResponse_httpStatus
- The response's http status code.
GetPermissionsBoundaryForPermissionSet
data GetPermissionsBoundaryForPermissionSet Source #
See: newGetPermissionsBoundaryForPermissionSet
smart constructor.
Instances
newGetPermissionsBoundaryForPermissionSet Source #
Create a value of GetPermissionsBoundaryForPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
GetPermissionsBoundaryForPermissionSet
, getPermissionsBoundaryForPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
GetPermissionsBoundaryForPermissionSet
, getPermissionsBoundaryForPermissionSet_permissionSetArn
- The ARN of the PermissionSet
.
data GetPermissionsBoundaryForPermissionSetResponse Source #
See: newGetPermissionsBoundaryForPermissionSetResponse
smart constructor.
Instances
newGetPermissionsBoundaryForPermissionSetResponse Source #
:: Int |
|
-> GetPermissionsBoundaryForPermissionSetResponse |
Create a value of GetPermissionsBoundaryForPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:permissionsBoundary:GetPermissionsBoundaryForPermissionSetResponse'
, getPermissionsBoundaryForPermissionSetResponse_permissionsBoundary
- The permissions boundary attached to the specified permission set.
$sel:httpStatus:GetPermissionsBoundaryForPermissionSetResponse'
, getPermissionsBoundaryForPermissionSetResponse_httpStatus
- The response's http status code.
ListAccountAssignmentCreationStatus (Paginated)
data ListAccountAssignmentCreationStatus Source #
See: newListAccountAssignmentCreationStatus
smart constructor.
ListAccountAssignmentCreationStatus' (Maybe OperationStatusFilter) (Maybe Natural) (Maybe Text) Text |
Instances
newListAccountAssignmentCreationStatus Source #
Create a value of ListAccountAssignmentCreationStatus
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:filter':ListAccountAssignmentCreationStatus'
, listAccountAssignmentCreationStatus_filter
- Filters results based on the passed attribute value.
$sel:maxResults:ListAccountAssignmentCreationStatus'
, listAccountAssignmentCreationStatus_maxResults
- The maximum number of results to display for the assignment.
ListAccountAssignmentCreationStatus
, listAccountAssignmentCreationStatus_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
ListAccountAssignmentCreationStatus
, listAccountAssignmentCreationStatus_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
data ListAccountAssignmentCreationStatusResponse Source #
See: newListAccountAssignmentCreationStatusResponse
smart constructor.
ListAccountAssignmentCreationStatusResponse' (Maybe [AccountAssignmentOperationStatusMetadata]) (Maybe Text) Int |
Instances
newListAccountAssignmentCreationStatusResponse Source #
:: Int |
|
-> ListAccountAssignmentCreationStatusResponse |
Create a value of ListAccountAssignmentCreationStatusResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountAssignmentsCreationStatus:ListAccountAssignmentCreationStatusResponse'
, listAccountAssignmentCreationStatusResponse_accountAssignmentsCreationStatus
- The status object for the account assignment creation operation.
ListAccountAssignmentCreationStatus
, listAccountAssignmentCreationStatusResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:httpStatus:ListAccountAssignmentCreationStatusResponse'
, listAccountAssignmentCreationStatusResponse_httpStatus
- The response's http status code.
ListAccountAssignmentDeletionStatus (Paginated)
data ListAccountAssignmentDeletionStatus Source #
See: newListAccountAssignmentDeletionStatus
smart constructor.
ListAccountAssignmentDeletionStatus' (Maybe OperationStatusFilter) (Maybe Natural) (Maybe Text) Text |
Instances
newListAccountAssignmentDeletionStatus Source #
Create a value of ListAccountAssignmentDeletionStatus
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:filter':ListAccountAssignmentDeletionStatus'
, listAccountAssignmentDeletionStatus_filter
- Filters results based on the passed attribute value.
$sel:maxResults:ListAccountAssignmentDeletionStatus'
, listAccountAssignmentDeletionStatus_maxResults
- The maximum number of results to display for the assignment.
ListAccountAssignmentDeletionStatus
, listAccountAssignmentDeletionStatus_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
ListAccountAssignmentDeletionStatus
, listAccountAssignmentDeletionStatus_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
data ListAccountAssignmentDeletionStatusResponse Source #
See: newListAccountAssignmentDeletionStatusResponse
smart constructor.
ListAccountAssignmentDeletionStatusResponse' (Maybe [AccountAssignmentOperationStatusMetadata]) (Maybe Text) Int |
Instances
newListAccountAssignmentDeletionStatusResponse Source #
:: Int |
|
-> ListAccountAssignmentDeletionStatusResponse |
Create a value of ListAccountAssignmentDeletionStatusResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountAssignmentsDeletionStatus:ListAccountAssignmentDeletionStatusResponse'
, listAccountAssignmentDeletionStatusResponse_accountAssignmentsDeletionStatus
- The status object for the account assignment deletion operation.
ListAccountAssignmentDeletionStatus
, listAccountAssignmentDeletionStatusResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:httpStatus:ListAccountAssignmentDeletionStatusResponse'
, listAccountAssignmentDeletionStatusResponse_httpStatus
- The response's http status code.
ListAccountAssignments (Paginated)
data ListAccountAssignments Source #
See: newListAccountAssignments
smart constructor.
Instances
newListAccountAssignments Source #
:: Text | |
-> Text | |
-> Text | |
-> ListAccountAssignments |
Create a value of ListAccountAssignments
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:maxResults:ListAccountAssignments'
, listAccountAssignments_maxResults
- The maximum number of results to display for the assignment.
ListAccountAssignments
, listAccountAssignments_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
ListAccountAssignments
, listAccountAssignments_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
ListAccountAssignments
, listAccountAssignments_accountId
- The identifier of the AWS account from which to list the assignments.
ListAccountAssignments
, listAccountAssignments_permissionSetArn
- The ARN of the permission set from which to list assignments.
data ListAccountAssignmentsResponse Source #
See: newListAccountAssignmentsResponse
smart constructor.
Instances
newListAccountAssignmentsResponse Source #
Create a value of ListAccountAssignmentsResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountAssignments:ListAccountAssignmentsResponse'
, listAccountAssignmentsResponse_accountAssignments
- The list of assignments that match the input AWS account and permission
set.
ListAccountAssignments
, listAccountAssignmentsResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:httpStatus:ListAccountAssignmentsResponse'
, listAccountAssignmentsResponse_httpStatus
- The response's http status code.
ListAccountsForProvisionedPermissionSet (Paginated)
data ListAccountsForProvisionedPermissionSet Source #
See: newListAccountsForProvisionedPermissionSet
smart constructor.
ListAccountsForProvisionedPermissionSet' (Maybe Natural) (Maybe Text) (Maybe ProvisioningStatus) Text Text |
Instances
newListAccountsForProvisionedPermissionSet Source #
Create a value of ListAccountsForProvisionedPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:maxResults:ListAccountsForProvisionedPermissionSet'
, listAccountsForProvisionedPermissionSet_maxResults
- The maximum number of results to display for the PermissionSet.
ListAccountsForProvisionedPermissionSet
, listAccountsForProvisionedPermissionSet_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:provisioningStatus:ListAccountsForProvisionedPermissionSet'
, listAccountsForProvisionedPermissionSet_provisioningStatus
- The permission set provisioning status for an AWS account.
ListAccountsForProvisionedPermissionSet
, listAccountsForProvisionedPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
ListAccountsForProvisionedPermissionSet
, listAccountsForProvisionedPermissionSet_permissionSetArn
- The ARN of the PermissionSet from which the associated AWS accounts will
be listed.
data ListAccountsForProvisionedPermissionSetResponse Source #
See: newListAccountsForProvisionedPermissionSetResponse
smart constructor.
Instances
newListAccountsForProvisionedPermissionSetResponse Source #
:: Int |
|
-> ListAccountsForProvisionedPermissionSetResponse |
Create a value of ListAccountsForProvisionedPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountIds:ListAccountsForProvisionedPermissionSetResponse'
, listAccountsForProvisionedPermissionSetResponse_accountIds
- The list of AWS AccountIds
.
ListAccountsForProvisionedPermissionSet
, listAccountsForProvisionedPermissionSetResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:httpStatus:ListAccountsForProvisionedPermissionSetResponse'
, listAccountsForProvisionedPermissionSetResponse_httpStatus
- The response's http status code.
ListCustomerManagedPolicyReferencesInPermissionSet (Paginated)
data ListCustomerManagedPolicyReferencesInPermissionSet Source #
See: newListCustomerManagedPolicyReferencesInPermissionSet
smart constructor.
Instances
newListCustomerManagedPolicyReferencesInPermissionSet Source #
Create a value of ListCustomerManagedPolicyReferencesInPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:maxResults:ListCustomerManagedPolicyReferencesInPermissionSet'
, listCustomerManagedPolicyReferencesInPermissionSet_maxResults
- The maximum number of results to display for the list call.
ListCustomerManagedPolicyReferencesInPermissionSet
, listCustomerManagedPolicyReferencesInPermissionSet_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
ListCustomerManagedPolicyReferencesInPermissionSet
, listCustomerManagedPolicyReferencesInPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
ListCustomerManagedPolicyReferencesInPermissionSet
, listCustomerManagedPolicyReferencesInPermissionSet_permissionSetArn
- The ARN of the PermissionSet
.
data ListCustomerManagedPolicyReferencesInPermissionSetResponse Source #
See: newListCustomerManagedPolicyReferencesInPermissionSetResponse
smart constructor.
ListCustomerManagedPolicyReferencesInPermissionSetResponse' (Maybe [CustomerManagedPolicyReference]) (Maybe Text) Int |
Instances
newListCustomerManagedPolicyReferencesInPermissionSetResponse Source #
:: Int |
|
-> ListCustomerManagedPolicyReferencesInPermissionSetResponse |
Create a value of ListCustomerManagedPolicyReferencesInPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:customerManagedPolicyReferences:ListCustomerManagedPolicyReferencesInPermissionSetResponse'
, listCustomerManagedPolicyReferencesInPermissionSetResponse_customerManagedPolicyReferences
- Specifies the names and paths of the customer managed policies that you
have attached to your permission set.
ListCustomerManagedPolicyReferencesInPermissionSet
, listCustomerManagedPolicyReferencesInPermissionSetResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:httpStatus:ListCustomerManagedPolicyReferencesInPermissionSetResponse'
, listCustomerManagedPolicyReferencesInPermissionSetResponse_httpStatus
- The response's http status code.
ListInstances (Paginated)
data ListInstances Source #
See: newListInstances
smart constructor.
Instances
newListInstances :: ListInstances Source #
Create a value of ListInstances
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:maxResults:ListInstances'
, listInstances_maxResults
- The maximum number of results to display for the instance.
ListInstances
, listInstances_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
data ListInstancesResponse Source #
See: newListInstancesResponse
smart constructor.
Instances
newListInstancesResponse Source #
Create a value of ListInstancesResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:instances:ListInstancesResponse'
, listInstancesResponse_instances
- Lists the IAM Identity Center instances that the caller has access to.
ListInstances
, listInstancesResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:httpStatus:ListInstancesResponse'
, listInstancesResponse_httpStatus
- The response's http status code.
ListManagedPoliciesInPermissionSet (Paginated)
data ListManagedPoliciesInPermissionSet Source #
See: newListManagedPoliciesInPermissionSet
smart constructor.
Instances
newListManagedPoliciesInPermissionSet Source #
Create a value of ListManagedPoliciesInPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:maxResults:ListManagedPoliciesInPermissionSet'
, listManagedPoliciesInPermissionSet_maxResults
- The maximum number of results to display for the PermissionSet.
ListManagedPoliciesInPermissionSet
, listManagedPoliciesInPermissionSet_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
ListManagedPoliciesInPermissionSet
, listManagedPoliciesInPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
ListManagedPoliciesInPermissionSet
, listManagedPoliciesInPermissionSet_permissionSetArn
- The ARN of the PermissionSet whose managed policies will be listed.
data ListManagedPoliciesInPermissionSetResponse Source #
See: newListManagedPoliciesInPermissionSetResponse
smart constructor.
Instances
newListManagedPoliciesInPermissionSetResponse Source #
Create a value of ListManagedPoliciesInPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:attachedManagedPolicies:ListManagedPoliciesInPermissionSetResponse'
, listManagedPoliciesInPermissionSetResponse_attachedManagedPolicies
- An array of the AttachedManagedPolicy data type object.
ListManagedPoliciesInPermissionSet
, listManagedPoliciesInPermissionSetResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:httpStatus:ListManagedPoliciesInPermissionSetResponse'
, listManagedPoliciesInPermissionSetResponse_httpStatus
- The response's http status code.
ListPermissionSetProvisioningStatus (Paginated)
data ListPermissionSetProvisioningStatus Source #
See: newListPermissionSetProvisioningStatus
smart constructor.
ListPermissionSetProvisioningStatus' (Maybe OperationStatusFilter) (Maybe Natural) (Maybe Text) Text |
Instances
newListPermissionSetProvisioningStatus Source #
Create a value of ListPermissionSetProvisioningStatus
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:filter':ListPermissionSetProvisioningStatus'
, listPermissionSetProvisioningStatus_filter
- Filters results based on the passed attribute value.
$sel:maxResults:ListPermissionSetProvisioningStatus'
, listPermissionSetProvisioningStatus_maxResults
- The maximum number of results to display for the assignment.
ListPermissionSetProvisioningStatus
, listPermissionSetProvisioningStatus_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
ListPermissionSetProvisioningStatus
, listPermissionSetProvisioningStatus_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
data ListPermissionSetProvisioningStatusResponse Source #
See: newListPermissionSetProvisioningStatusResponse
smart constructor.
ListPermissionSetProvisioningStatusResponse' (Maybe Text) (Maybe [PermissionSetProvisioningStatusMetadata]) Int |
Instances
newListPermissionSetProvisioningStatusResponse Source #
:: Int |
|
-> ListPermissionSetProvisioningStatusResponse |
Create a value of ListPermissionSetProvisioningStatusResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
ListPermissionSetProvisioningStatus
, listPermissionSetProvisioningStatusResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:permissionSetsProvisioningStatus:ListPermissionSetProvisioningStatusResponse'
, listPermissionSetProvisioningStatusResponse_permissionSetsProvisioningStatus
- The status object for the permission set provisioning operation.
$sel:httpStatus:ListPermissionSetProvisioningStatusResponse'
, listPermissionSetProvisioningStatusResponse_httpStatus
- The response's http status code.
ListPermissionSets (Paginated)
data ListPermissionSets Source #
See: newListPermissionSets
smart constructor.
Instances
newListPermissionSets Source #
Create a value of ListPermissionSets
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:maxResults:ListPermissionSets'
, listPermissionSets_maxResults
- The maximum number of results to display for the assignment.
ListPermissionSets
, listPermissionSets_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
ListPermissionSets
, listPermissionSets_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
data ListPermissionSetsResponse Source #
See: newListPermissionSetsResponse
smart constructor.
Instances
newListPermissionSetsResponse Source #
Create a value of ListPermissionSetsResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
ListPermissionSets
, listPermissionSetsResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:permissionSets:ListPermissionSetsResponse'
, listPermissionSetsResponse_permissionSets
- Defines the level of access on an AWS account.
$sel:httpStatus:ListPermissionSetsResponse'
, listPermissionSetsResponse_httpStatus
- The response's http status code.
ListPermissionSetsProvisionedToAccount (Paginated)
data ListPermissionSetsProvisionedToAccount Source #
See: newListPermissionSetsProvisionedToAccount
smart constructor.
ListPermissionSetsProvisionedToAccount' (Maybe Natural) (Maybe Text) (Maybe ProvisioningStatus) Text Text |
Instances
newListPermissionSetsProvisionedToAccount Source #
Create a value of ListPermissionSetsProvisionedToAccount
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:maxResults:ListPermissionSetsProvisionedToAccount'
, listPermissionSetsProvisionedToAccount_maxResults
- The maximum number of results to display for the assignment.
ListPermissionSetsProvisionedToAccount
, listPermissionSetsProvisionedToAccount_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:provisioningStatus:ListPermissionSetsProvisionedToAccount'
, listPermissionSetsProvisionedToAccount_provisioningStatus
- The status object for the permission set provisioning operation.
ListPermissionSetsProvisionedToAccount
, listPermissionSetsProvisionedToAccount_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
ListPermissionSetsProvisionedToAccount
, listPermissionSetsProvisionedToAccount_accountId
- The identifier of the AWS account from which to list the assignments.
data ListPermissionSetsProvisionedToAccountResponse Source #
See: newListPermissionSetsProvisionedToAccountResponse
smart constructor.
Instances
newListPermissionSetsProvisionedToAccountResponse Source #
:: Int |
|
-> ListPermissionSetsProvisionedToAccountResponse |
Create a value of ListPermissionSetsProvisionedToAccountResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
ListPermissionSetsProvisionedToAccount
, listPermissionSetsProvisionedToAccountResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:permissionSets:ListPermissionSetsProvisionedToAccountResponse'
, listPermissionSetsProvisionedToAccountResponse_permissionSets
- Defines the level of access that an AWS account has.
$sel:httpStatus:ListPermissionSetsProvisionedToAccountResponse'
, listPermissionSetsProvisionedToAccountResponse_httpStatus
- The response's http status code.
ListTagsForResource (Paginated)
data ListTagsForResource Source #
See: newListTagsForResource
smart constructor.
Instances
newListTagsForResource Source #
Create a value of ListTagsForResource
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
ListTagsForResource
, listTagsForResource_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
ListTagsForResource
, listTagsForResource_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:resourceArn:ListTagsForResource'
, listTagsForResource_resourceArn
- The ARN of the resource with the tags to be listed.
data ListTagsForResourceResponse Source #
See: newListTagsForResourceResponse
smart constructor.
Instances
newListTagsForResourceResponse Source #
Create a value of ListTagsForResourceResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
ListTagsForResource
, listTagsForResourceResponse_nextToken
- The pagination token for the list API. Initially the value is null. Use
the output of previous API calls to make subsequent calls.
$sel:tags:ListTagsForResourceResponse'
, listTagsForResourceResponse_tags
- A set of key-value pairs that are used to manage the resource.
$sel:httpStatus:ListTagsForResourceResponse'
, listTagsForResourceResponse_httpStatus
- The response's http status code.
ProvisionPermissionSet
data ProvisionPermissionSet Source #
See: newProvisionPermissionSet
smart constructor.
Instances
newProvisionPermissionSet Source #
Create a value of ProvisionPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
ProvisionPermissionSet
, provisionPermissionSet_targetId
- TargetID is an AWS account identifier, typically a 10-12 digit string
(For example, 123456789012).
ProvisionPermissionSet
, provisionPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
ProvisionPermissionSet
, provisionPermissionSet_permissionSetArn
- The ARN of the permission set.
ProvisionPermissionSet
, provisionPermissionSet_targetType
- The entity type for which the assignment will be created.
data ProvisionPermissionSetResponse Source #
See: newProvisionPermissionSetResponse
smart constructor.
Instances
newProvisionPermissionSetResponse Source #
Create a value of ProvisionPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:permissionSetProvisioningStatus:ProvisionPermissionSetResponse'
, provisionPermissionSetResponse_permissionSetProvisioningStatus
- The status object for the permission set provisioning operation.
$sel:httpStatus:ProvisionPermissionSetResponse'
, provisionPermissionSetResponse_httpStatus
- The response's http status code.
PutInlinePolicyToPermissionSet
data PutInlinePolicyToPermissionSet Source #
See: newPutInlinePolicyToPermissionSet
smart constructor.
Instances
newPutInlinePolicyToPermissionSet Source #
:: Text | |
-> Text | |
-> Text | |
-> PutInlinePolicyToPermissionSet |
Create a value of PutInlinePolicyToPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
PutInlinePolicyToPermissionSet
, putInlinePolicyToPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
PutInlinePolicyToPermissionSet
, putInlinePolicyToPermissionSet_permissionSetArn
- The ARN of the permission set.
$sel:inlinePolicy:PutInlinePolicyToPermissionSet'
, putInlinePolicyToPermissionSet_inlinePolicy
- The inline policy to attach to a PermissionSet.
data PutInlinePolicyToPermissionSetResponse Source #
See: newPutInlinePolicyToPermissionSetResponse
smart constructor.
Instances
newPutInlinePolicyToPermissionSetResponse Source #
Create a value of PutInlinePolicyToPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:PutInlinePolicyToPermissionSetResponse'
, putInlinePolicyToPermissionSetResponse_httpStatus
- The response's http status code.
PutPermissionsBoundaryToPermissionSet
data PutPermissionsBoundaryToPermissionSet Source #
See: newPutPermissionsBoundaryToPermissionSet
smart constructor.
Instances
newPutPermissionsBoundaryToPermissionSet Source #
:: Text | |
-> Text | |
-> PermissionsBoundary |
|
-> PutPermissionsBoundaryToPermissionSet |
Create a value of PutPermissionsBoundaryToPermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
PutPermissionsBoundaryToPermissionSet
, putPermissionsBoundaryToPermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
PutPermissionsBoundaryToPermissionSet
, putPermissionsBoundaryToPermissionSet_permissionSetArn
- The ARN of the PermissionSet
.
$sel:permissionsBoundary:PutPermissionsBoundaryToPermissionSet'
, putPermissionsBoundaryToPermissionSet_permissionsBoundary
- The permissions boundary that you want to attach to a PermissionSet
.
data PutPermissionsBoundaryToPermissionSetResponse Source #
See: newPutPermissionsBoundaryToPermissionSetResponse
smart constructor.
Instances
Generic PutPermissionsBoundaryToPermissionSetResponse Source # | |
Read PutPermissionsBoundaryToPermissionSetResponse Source # | |
Show PutPermissionsBoundaryToPermissionSetResponse Source # | |
NFData PutPermissionsBoundaryToPermissionSetResponse Source # | |
Eq PutPermissionsBoundaryToPermissionSetResponse Source # | |
type Rep PutPermissionsBoundaryToPermissionSetResponse Source # | |
Defined in Amazonka.SSOAdmin.PutPermissionsBoundaryToPermissionSet type Rep PutPermissionsBoundaryToPermissionSetResponse = D1 ('MetaData "PutPermissionsBoundaryToPermissionSetResponse" "Amazonka.SSOAdmin.PutPermissionsBoundaryToPermissionSet" "amazonka-sso-admin-2.0-HhKPJAnDdA18B4mnMjNqZF" 'False) (C1 ('MetaCons "PutPermissionsBoundaryToPermissionSetResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int))) |
newPutPermissionsBoundaryToPermissionSetResponse Source #
:: Int |
|
-> PutPermissionsBoundaryToPermissionSetResponse |
Create a value of PutPermissionsBoundaryToPermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:PutPermissionsBoundaryToPermissionSetResponse'
, putPermissionsBoundaryToPermissionSetResponse_httpStatus
- The response's http status code.
TagResource
data TagResource Source #
See: newTagResource
smart constructor.
Instances
Create a value of TagResource
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
TagResource
, tagResource_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:resourceArn:TagResource'
, tagResource_resourceArn
- The ARN of the resource with the tags to be listed.
$sel:tags:TagResource'
, tagResource_tags
- A set of key-value pairs that are used to manage the resource.
data TagResourceResponse Source #
See: newTagResourceResponse
smart constructor.
Instances
newTagResourceResponse Source #
Create a value of TagResourceResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:TagResourceResponse'
, tagResourceResponse_httpStatus
- The response's http status code.
UntagResource
data UntagResource Source #
See: newUntagResource
smart constructor.
Instances
:: Text | |
-> Text | |
-> NonEmpty Text | |
-> UntagResource |
Create a value of UntagResource
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
UntagResource
, untagResource_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:resourceArn:UntagResource'
, untagResource_resourceArn
- The ARN of the resource with the tags to be listed.
$sel:tagKeys:UntagResource'
, untagResource_tagKeys
- The keys of tags that are attached to the resource.
data UntagResourceResponse Source #
See: newUntagResourceResponse
smart constructor.
Instances
newUntagResourceResponse Source #
Create a value of UntagResourceResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:UntagResourceResponse'
, untagResourceResponse_httpStatus
- The response's http status code.
UpdateInstanceAccessControlAttributeConfiguration
data UpdateInstanceAccessControlAttributeConfiguration Source #
See: newUpdateInstanceAccessControlAttributeConfiguration
smart constructor.
Instances
newUpdateInstanceAccessControlAttributeConfiguration Source #
Create a value of UpdateInstanceAccessControlAttributeConfiguration
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
UpdateInstanceAccessControlAttributeConfiguration
, updateInstanceAccessControlAttributeConfiguration_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed.
$sel:instanceAccessControlAttributeConfiguration:UpdateInstanceAccessControlAttributeConfiguration'
, updateInstanceAccessControlAttributeConfiguration_instanceAccessControlAttributeConfiguration
- Updates the attributes for your ABAC configuration.
data UpdateInstanceAccessControlAttributeConfigurationResponse Source #
See: newUpdateInstanceAccessControlAttributeConfigurationResponse
smart constructor.
Instances
newUpdateInstanceAccessControlAttributeConfigurationResponse Source #
:: Int |
|
-> UpdateInstanceAccessControlAttributeConfigurationResponse |
Create a value of UpdateInstanceAccessControlAttributeConfigurationResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:UpdateInstanceAccessControlAttributeConfigurationResponse'
, updateInstanceAccessControlAttributeConfigurationResponse_httpStatus
- The response's http status code.
UpdatePermissionSet
data UpdatePermissionSet Source #
See: newUpdatePermissionSet
smart constructor.
Instances
newUpdatePermissionSet Source #
Create a value of UpdatePermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
UpdatePermissionSet
, updatePermissionSet_description
- The description of the PermissionSet.
UpdatePermissionSet
, updatePermissionSet_relayState
- Used to redirect users within the application during the federation
authentication process.
UpdatePermissionSet
, updatePermissionSet_sessionDuration
- The length of time that the application user sessions are valid for in
the ISO-8601 standard.
UpdatePermissionSet
, updatePermissionSet_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
UpdatePermissionSet
, updatePermissionSet_permissionSetArn
- The ARN of the permission set.
data UpdatePermissionSetResponse Source #
See: newUpdatePermissionSetResponse
smart constructor.
Instances
newUpdatePermissionSetResponse Source #
Create a value of UpdatePermissionSetResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:UpdatePermissionSetResponse'
, updatePermissionSetResponse_httpStatus
- The response's http status code.
Types
InstanceAccessControlAttributeConfigurationStatus
newtype InstanceAccessControlAttributeConfigurationStatus Source #
Instances
PrincipalType
newtype PrincipalType Source #
pattern PrincipalType_GROUP :: PrincipalType | |
pattern PrincipalType_USER :: PrincipalType |
Instances
ProvisionTargetType
newtype ProvisionTargetType Source #
pattern ProvisionTargetType_ALL_PROVISIONED_ACCOUNTS :: ProvisionTargetType | |
pattern ProvisionTargetType_AWS_ACCOUNT :: ProvisionTargetType |
Instances
ProvisioningStatus
newtype ProvisioningStatus Source #
pattern ProvisioningStatus_LATEST_PERMISSION_SET_NOT_PROVISIONED :: ProvisioningStatus | |
pattern ProvisioningStatus_LATEST_PERMISSION_SET_PROVISIONED :: ProvisioningStatus |
Instances
StatusValues
newtype StatusValues Source #
pattern StatusValues_FAILED :: StatusValues | |
pattern StatusValues_IN_PROGRESS :: StatusValues | |
pattern StatusValues_SUCCEEDED :: StatusValues |
Instances
TargetType
newtype TargetType Source #
pattern TargetType_AWS_ACCOUNT :: TargetType |
Instances
AccessControlAttribute
data AccessControlAttribute Source #
These are IAM Identity Center identity store attributes that you can
configure for use in attributes-based access control (ABAC). You can
create permissions policies that determine who can access your AWS
resources based upon the configured attribute values. When you enable
ABAC and specify AccessControlAttributes
, IAM Identity Center passes
the attribute values of the authenticated user into IAM for use in
policy evaluation.
See: newAccessControlAttribute
smart constructor.
Instances
newAccessControlAttribute Source #
Create a value of AccessControlAttribute
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:key:AccessControlAttribute'
, accessControlAttribute_key
- The name of the attribute associated with your identities in your
identity source. This is used to map a specified attribute in your
identity source with an attribute in IAM Identity Center.
$sel:value:AccessControlAttribute'
, accessControlAttribute_value
- The value used for mapping a specified attribute to an identity source.
AccessControlAttributeValue
data AccessControlAttributeValue Source #
The value used for mapping a specified attribute to an identity source. For more information, see Attribute mappings in the IAM Identity Center User Guide.
See: newAccessControlAttributeValue
smart constructor.
Instances
newAccessControlAttributeValue Source #
Create a value of AccessControlAttributeValue
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:source:AccessControlAttributeValue'
, accessControlAttributeValue_source
- The identity source to use when mapping a specified attribute to IAM
Identity Center.
AccountAssignment
data AccountAssignment Source #
The assignment that indicates a principal's limited access to a specified AWS account with a specified permission set.
The term principal here refers to a user or group that is defined in IAM Identity Center.
See: newAccountAssignment
smart constructor.
AccountAssignment' (Maybe Text) (Maybe Text) (Maybe Text) (Maybe PrincipalType) |
Instances
newAccountAssignment :: AccountAssignment Source #
Create a value of AccountAssignment
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountId:AccountAssignment'
, accountAssignment_accountId
- The identifier of the AWS account.
$sel:permissionSetArn:AccountAssignment'
, accountAssignment_permissionSetArn
- The ARN of the permission set. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:principalId:AccountAssignment'
, accountAssignment_principalId
- An identifier for an object in IAM Identity Center, such as a user or
group. PrincipalIds are GUIDs (For example,
f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about
PrincipalIds in IAM Identity Center, see the
IAM Identity Center Identity Store API Reference.
$sel:principalType:AccountAssignment'
, accountAssignment_principalType
- The entity type for which the assignment will be created.
AccountAssignmentOperationStatus
data AccountAssignmentOperationStatus Source #
The status of the creation or deletion operation of an assignment that a principal needs to access an account.
See: newAccountAssignmentOperationStatus
smart constructor.
AccountAssignmentOperationStatus' (Maybe POSIX) (Maybe Text) (Maybe Text) (Maybe Text) (Maybe PrincipalType) (Maybe Text) (Maybe StatusValues) (Maybe Text) (Maybe TargetType) |
Instances
newAccountAssignmentOperationStatus :: AccountAssignmentOperationStatus Source #
Create a value of AccountAssignmentOperationStatus
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:createdDate:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_createdDate
- The date that the permission set was created.
$sel:failureReason:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_failureReason
- The message that contains an error or exception in case of an operation
failure.
$sel:permissionSetArn:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_permissionSetArn
- The ARN of the permission set. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:principalId:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_principalId
- An identifier for an object in IAM Identity Center, such as a user or
group. PrincipalIds are GUIDs (For example,
f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about
PrincipalIds in IAM Identity Center, see the
IAM Identity Center Identity Store API Reference.
$sel:principalType:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_principalType
- The entity type for which the assignment will be created.
$sel:requestId:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_requestId
- The identifier for tracking the request operation that is generated by
the universally unique identifier (UUID) workflow.
$sel:status:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_status
- The status of the permission set provisioning process.
$sel:targetId:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_targetId
- TargetID is an AWS account identifier, typically a 10-12 digit string
(For example, 123456789012).
$sel:targetType:AccountAssignmentOperationStatus'
, accountAssignmentOperationStatus_targetType
- The entity type for which the assignment will be created.
AccountAssignmentOperationStatusMetadata
data AccountAssignmentOperationStatusMetadata Source #
Provides information about the AccountAssignment creation request.
See: newAccountAssignmentOperationStatusMetadata
smart constructor.
Instances
newAccountAssignmentOperationStatusMetadata :: AccountAssignmentOperationStatusMetadata Source #
Create a value of AccountAssignmentOperationStatusMetadata
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:createdDate:AccountAssignmentOperationStatusMetadata'
, accountAssignmentOperationStatusMetadata_createdDate
- The date that the permission set was created.
$sel:requestId:AccountAssignmentOperationStatusMetadata'
, accountAssignmentOperationStatusMetadata_requestId
- The identifier for tracking the request operation that is generated by
the universally unique identifier (UUID) workflow.
$sel:status:AccountAssignmentOperationStatusMetadata'
, accountAssignmentOperationStatusMetadata_status
- The status of the permission set provisioning process.
AttachedManagedPolicy
data AttachedManagedPolicy Source #
A structure that stores the details of the AWS managed policy.
See: newAttachedManagedPolicy
smart constructor.
Instances
newAttachedManagedPolicy :: AttachedManagedPolicy Source #
Create a value of AttachedManagedPolicy
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:arn:AttachedManagedPolicy'
, attachedManagedPolicy_arn
- The ARN of the AWS managed policy. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:name:AttachedManagedPolicy'
, attachedManagedPolicy_name
- The name of the AWS managed policy.
CustomerManagedPolicyReference
data CustomerManagedPolicyReference Source #
Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.
See: newCustomerManagedPolicyReference
smart constructor.
Instances
newCustomerManagedPolicyReference Source #
Create a value of CustomerManagedPolicyReference
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:path:CustomerManagedPolicyReference'
, customerManagedPolicyReference_path
- The path to the IAM policy that you have configured in each account
where you want to deploy your permission set. The default is /
. For
more information, see
Friendly names and paths
in the IAM User Guide.
$sel:name:CustomerManagedPolicyReference'
, customerManagedPolicyReference_name
- The name of the IAM policy that you have configured in each account
where you want to deploy your permission set.
InstanceAccessControlAttributeConfiguration
data InstanceAccessControlAttributeConfiguration Source #
Specifies the attributes to add to your attribute-based access control (ABAC) configuration.
See: newInstanceAccessControlAttributeConfiguration
smart constructor.
Instances
newInstanceAccessControlAttributeConfiguration :: InstanceAccessControlAttributeConfiguration Source #
Create a value of InstanceAccessControlAttributeConfiguration
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accessControlAttributes:InstanceAccessControlAttributeConfiguration'
, instanceAccessControlAttributeConfiguration_accessControlAttributes
- Lists the attributes that are configured for ABAC in the specified IAM
Identity Center instance.
InstanceMetadata
data InstanceMetadata Source #
Provides information about the IAM Identity Center instance.
See: newInstanceMetadata
smart constructor.
Instances
newInstanceMetadata :: InstanceMetadata Source #
Create a value of InstanceMetadata
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:identityStoreId:InstanceMetadata'
, instanceMetadata_identityStoreId
- The identifier of the identity store that is connected to the IAM
Identity Center instance.
$sel:instanceArn:InstanceMetadata'
, instanceMetadata_instanceArn
- The ARN of the IAM Identity Center instance under which the operation
will be executed. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
OperationStatusFilter
data OperationStatusFilter Source #
Filters he operation status list based on the passed attribute value.
See: newOperationStatusFilter
smart constructor.
Instances
newOperationStatusFilter :: OperationStatusFilter Source #
Create a value of OperationStatusFilter
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:status:OperationStatusFilter'
, operationStatusFilter_status
- Filters the list operations result based on the status attribute.
PermissionSet
data PermissionSet Source #
An entity that contains IAM policies.
See: newPermissionSet
smart constructor.
Instances
newPermissionSet :: PermissionSet Source #
Create a value of PermissionSet
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:createdDate:PermissionSet'
, permissionSet_createdDate
- The date that the permission set was created.
$sel:description:PermissionSet'
, permissionSet_description
- The description of the PermissionSet.
$sel:name:PermissionSet'
, permissionSet_name
- The name of the permission set.
$sel:permissionSetArn:PermissionSet'
, permissionSet_permissionSetArn
- The ARN of the permission set. For more information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:relayState:PermissionSet'
, permissionSet_relayState
- Used to redirect users within the application during the federation
authentication process.
$sel:sessionDuration:PermissionSet'
, permissionSet_sessionDuration
- The length of time that the application user sessions are valid for in
the ISO-8601 standard.
PermissionSetProvisioningStatus
data PermissionSetProvisioningStatus Source #
A structure that is used to provide the status of the provisioning operation for a specified permission set.
See: newPermissionSetProvisioningStatus
smart constructor.
PermissionSetProvisioningStatus' (Maybe Text) (Maybe POSIX) (Maybe Text) (Maybe Text) (Maybe Text) (Maybe StatusValues) |
Instances
newPermissionSetProvisioningStatus :: PermissionSetProvisioningStatus Source #
Create a value of PermissionSetProvisioningStatus
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:accountId:PermissionSetProvisioningStatus'
, permissionSetProvisioningStatus_accountId
- The identifier of the AWS account from which to list the assignments.
$sel:createdDate:PermissionSetProvisioningStatus'
, permissionSetProvisioningStatus_createdDate
- The date that the permission set was created.
$sel:failureReason:PermissionSetProvisioningStatus'
, permissionSetProvisioningStatus_failureReason
- The message that contains an error or exception in case of an operation
failure.
$sel:permissionSetArn:PermissionSetProvisioningStatus'
, permissionSetProvisioningStatus_permissionSetArn
- The ARN of the permission set that is being provisioned. For more
information about ARNs, see
Amazon Resource Names (ARNs) and AWS Service Namespaces
in the AWS General Reference.
$sel:requestId:PermissionSetProvisioningStatus'
, permissionSetProvisioningStatus_requestId
- The identifier for tracking the request operation that is generated by
the universally unique identifier (UUID) workflow.
$sel:status:PermissionSetProvisioningStatus'
, permissionSetProvisioningStatus_status
- The status of the permission set provisioning process.
PermissionSetProvisioningStatusMetadata
data PermissionSetProvisioningStatusMetadata Source #
Provides information about the permission set provisioning status.
See: newPermissionSetProvisioningStatusMetadata
smart constructor.
Instances
newPermissionSetProvisioningStatusMetadata :: PermissionSetProvisioningStatusMetadata Source #
Create a value of PermissionSetProvisioningStatusMetadata
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:createdDate:PermissionSetProvisioningStatusMetadata'
, permissionSetProvisioningStatusMetadata_createdDate
- The date that the permission set was created.
$sel:requestId:PermissionSetProvisioningStatusMetadata'
, permissionSetProvisioningStatusMetadata_requestId
- The identifier for tracking the request operation that is generated by
the universally unique identifier (UUID) workflow.
$sel:status:PermissionSetProvisioningStatusMetadata'
, permissionSetProvisioningStatusMetadata_status
- The status of the permission set provisioning process.
PermissionsBoundary
data PermissionsBoundary Source #
Specifies the configuration of the AWS managed or customer managed
policy that you want to set as a permissions boundary. Specify either
CustomerManagedPolicyReference
to use the name and path of a customer
managed policy, or ManagedPolicyArn
to use the ARN of an AWS managed
policy. A permissions boundary represents the maximum permissions that
any policy can grant your role. For more information, see
Permissions boundaries for IAM entities
in the IAM User Guide.
Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide.
See: newPermissionsBoundary
smart constructor.
Instances
newPermissionsBoundary :: PermissionsBoundary Source #
Create a value of PermissionsBoundary
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:customerManagedPolicyReference:PermissionsBoundary'
, permissionsBoundary_customerManagedPolicyReference
- Specifies the name and path of a customer managed policy. You must have
an IAM policy that matches the name and path in each AWS account where
you want to deploy your permission set.
$sel:managedPolicyArn:PermissionsBoundary'
, permissionsBoundary_managedPolicyArn
- The AWS managed policy ARN that you want to attach to a permission set
as a permissions boundary.
Tag
A set of key-value pairs that are used to manage the resource. Tags can only be applied to permission sets and cannot be applied to corresponding roles that IAM Identity Center creates in AWS accounts.
See: newTag
smart constructor.
Instances
FromJSON Tag Source # | |
ToJSON Tag Source # | |
Defined in Amazonka.SSOAdmin.Types.Tag | |
Generic Tag Source # | |
Read Tag Source # | |
Show Tag Source # | |
NFData Tag Source # | |
Defined in Amazonka.SSOAdmin.Types.Tag | |
Eq Tag Source # | |
Hashable Tag Source # | |
Defined in Amazonka.SSOAdmin.Types.Tag | |
type Rep Tag Source # | |
Defined in Amazonka.SSOAdmin.Types.Tag type Rep Tag = D1 ('MetaData "Tag" "Amazonka.SSOAdmin.Types.Tag" "amazonka-sso-admin-2.0-HhKPJAnDdA18B4mnMjNqZF" 'False) (C1 ('MetaCons "Tag'" 'PrefixI 'True) (S1 ('MetaSel ('Just "key") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "value") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text))) |
Create a value of Tag
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:key:Tag'
, tag_key
- The key for the tag.
$sel:value:Tag'
, tag_value
- The value of the tag.