Class CfnPermissionSet
A CloudFormation AWS::SSO::PermissionSet.
Inherited Members
Namespace: Amazon.CDK.AWS.SSO
Assembly: Amazon.CDK.AWS.SSO.dll
Syntax (csharp)
public class CfnPermissionSet : CfnResource, IConstruct, IDependable, IInspectableSyntax (vb)
Public Class CfnPermissionSet
Inherits CfnResource
Implements IConstruct, IDependable, IInspectableRemarks
Specifies a permission set within a specified IAM Identity Center instance.
CloudformationResource: AWS::SSO::PermissionSet
Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.SSO;
var inlinePolicy;
var cfnPermissionSet = new CfnPermissionSet(this, "MyCfnPermissionSet", new CfnPermissionSetProps {
InstanceArn = "instanceArn",
Name = "name",
// the properties below are optional
CustomerManagedPolicyReferences = new [] { new CustomerManagedPolicyReferenceProperty {
Name = "name",
// the properties below are optional
Path = "path"
} },
Description = "description",
InlinePolicy = inlinePolicy,
ManagedPolicies = new [] { "managedPolicies" },
PermissionsBoundary = new PermissionsBoundaryProperty {
CustomerManagedPolicyReference = new CustomerManagedPolicyReferenceProperty {
Name = "name",
// the properties below are optional
Path = "path"
},
ManagedPolicyArn = "managedPolicyArn"
},
RelayStateType = "relayStateType",
SessionDuration = "sessionDuration",
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
});Synopsis
Constructors
| CfnPermissionSet(Construct, String, ICfnPermissionSetProps) | Create a new |
| CfnPermissionSet(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
| CfnPermissionSet(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
| AttrPermissionSetArn | The permission set ARN of the permission set, such as |
| CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
| CfnProperties | |
| CustomerManagedPolicyReferences | Specifies the names and paths of the customer managed policies that you have attached to your permission set. |
| Description | The description of the |
| InlinePolicy | The inline policy that is attached to the permission set. |
| InstanceArn | The ARN of the IAM Identity Center instance under which the operation will be executed. |
| ManagedPolicies | A structure that stores the details of the AWS managed policy. |
| Name | The name of the permission set. |
| PermissionsBoundary | Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. |
| RelayStateType | Used to redirect users within the application during the federation authentication process. |
| SessionDuration | The length of time that the application user sessions are valid for in the ISO-8601 standard. |
| Tags | The tags to attach to the new |
Methods
| Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
| RenderProperties(IDictionary<String, Object>) |
Constructors
CfnPermissionSet(Construct, String, ICfnPermissionSetProps)
Create a new AWS::SSO::PermissionSet.
public CfnPermissionSet(Construct scope, string id, ICfnPermissionSetProps props)Parameters
- scope Construct
- scope in which this resource is defined.
- id System.String
- scoped id of the resource.
- props ICfnPermissionSetProps
- resource properties.
CfnPermissionSet(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnPermissionSet(ByRefValue reference)Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnPermissionSet(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnPermissionSet(DeputyBase.DeputyProps props)Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
AttrPermissionSetArn
The permission set ARN of the permission set, such as arn:aws:sso:::permissionSet/ins-instanceid/ps-permissionsetid .
public virtual string AttrPermissionSetArn { get; }Property Value
System.String
Remarks
CloudformationAttribute: PermissionSetArn
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
CustomerManagedPolicyReferences
Specifies the names and paths of the customer managed policies that you have attached to your permission set.
public virtual object CustomerManagedPolicyReferences { get; set; }Property Value
System.Object
Remarks
Description
The description of the PermissionSet .
public virtual string Description { get; set; }Property Value
System.String
Remarks
InlinePolicy
The inline policy that is attached to the permission set.
public virtual object InlinePolicy { get; set; }Property Value
System.Object
Remarks
For Length Constraints , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.
InstanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
public virtual string InstanceArn { get; set; }Property Value
System.String
Remarks
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .
ManagedPolicies
A structure that stores the details of the AWS managed policy.
public virtual string[] ManagedPolicies { get; set; }Property Value
System.String[]
Remarks
Name
The name of the permission set.
public virtual string Name { get; set; }Property Value
System.String
Remarks
PermissionsBoundary
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.
public virtual object PermissionsBoundary { get; set; }Property Value
System.Object
Remarks
Specify either CustomerManagedPolicyReference to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .
Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .
RelayStateType
Used to redirect users within the application during the federation authentication process.
public virtual string RelayStateType { get; set; }Property Value
System.String
Remarks
SessionDuration
The length of time that the application user sessions are valid for in the ISO-8601 standard.
public virtual string SessionDuration { get; set; }Property Value
System.String
Remarks
Tags
The tags to attach to the new PermissionSet .
public virtual TagManager Tags { get; }Property Value
Remarks
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)Parameters
- inspector TreeInspector
- tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>