1.0.2 • Published 3 years ago
aws-sso-mapper v1.0.2
aws-sso-mapper module
Use this CDK module to create and map AWS SSO PermissionSets using principal names rather than principal ids
API Reference
class AwsSSOMapper
Initializer
new AwsSSOMapper(scope: Construct, id: string)
- scope (Construct) - represents the scope for all the resources.
- id (string) - this is a a scope-unique id.
Properties
Name | Type | Description |
---|---|---|
identityStoreId | string | AWS SSO Identity Store id |
instanceArn | string | AWS SSO instance ARN |
Methods
addPermissionSet(id, props)
Create new PermissionSet.
addPermissionSet(id: string, props: IAddPermissionSetProps): PermissionSet
- id (string) this is a a scope-unique id.
- props (IAddPermissionSetProps) User provided props for the method.
Returns:
class PermissionSet
Initializer
new PermissionSet(scope: Construct, id: string, props: IPermissionSetProps)
- scope (Construct) - represents the scope for all the resources.
- id (string) - this is a a scope-unique id.
- props (IPermissionSetProps) - user provided props for the construct.
Methods
assign(props)
Assign principal to a specific AWS Account.
assign(props: IAssignProps): CfnAssignment
- props (IAssignProps) User provided props for the method.
Returns:
interface IAddPermissionSetProps
Properties
Name | Type | Description |
---|---|---|
name | string | The Permission Set name. |
description? | string | The Permission Set description.Default: name |
inlinePolicy? | PolicyDocument | The Permission Set inline policy.Default: No inline policy |
managedPolicies? | Array<IManagedPolicy> | A list with AWS managed policies to apply to the Permission Set.Default: No managed policies |
sessionDuration? | Duration | The Permission Set session duration.Default: 4 hours |
interface IAssignProps
Properties
Name | Type | Description |
---|---|---|
name | string | The principal name. |
targetId | string | The target id (AWS Account id). |
type | string | The principal type (USER/GROUP). |
interface IPermissionSetProps
Properties
Name | Type | Description |
---|---|---|
identityStoreId | string | The AWS SSO Identity Store id. |
instanceArn | string | The AWS SSO instance ARN. |
name | string | The Permission Set name. |
description? | string | The Permission Set description.Default: name |
inlinePolicy? | PolicyDocument | The Permission Set inline policy.Default: No inline policy |
managedPolicies? | Array<IManagedPolicy> | A list with AWS managed policies to apply to the Permission Set.Default: No managed policies |
sessionDuration? | Duration | The Permission Set session duration.Default: 4 hours |