AWS::SSO::Instance
Creates an instance of IAM Identity Center for a standalone AWS account that is not managed by AWS Organizations or a member AWS account in an organization. You can create only one instance per account and across all AWS Regions.
The CreateInstance request is rejected if the following apply:
- The instance is created within the organization management account.
- An instance already exists in the same account.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
Properties
Name
  The name of the Identity Center instance.
  Required: No
  Type: String
  Pattern: ^[\w+=,.@-]+$
  Minimum: 1
  Maximum: 32
  Update requires: No interruption
Tags
  Specifies tags to be attached to the instance of IAM Identity Center.
  Required: No
  Type: Array of Tag
  Maximum: 75
  Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns a generated ID, combined by all fields with the delimiter |.
For more information about using the Ref function, see Ref.
Fn::GetAtt
IdentityStoreId
  The identifier of the identity store that is connected to the Identity Center instance.
InstanceArn
  The ARN of the Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
OwnerAccountId
  The AWS account ID number of the owner of the Identity Center instance.
Status
  The current status of this Identity Center instance.
Examples
Creating a new instance of IAM Identity Center
The following example creates an instance of IAM Identity Center for a specific AWS account.
JSON
    "Instance": {
        "Type": "AWS::SSO::Instance",
        "Properties": {
            "Name": "InstanceExample",
            "Tags": [
                {
                    "Key": "InstanceTagKey1",
                    "Value": "InstanceTagValue1"
                }
            ]
        }
    }
YAML
    Instance:
      Type: AWS::SSO::Instance
      Properties:
        Name: InstanceExample
        Tags:
          - Key: InstanceTagKey1
            Value: 'InstanceTagValue1'
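The constraints listed under Properties can be checked before a template is deployed. The following pre-deployment check is an added example, not part of the AWS documentation: `check_sso_instances`, `NAME_RE` and `SAMPLE` are hypothetical names, the template is assumed to be already parsed into a dict, and each Tag is assumed to be an object with `Key` and `Value` fields.

```python
import re

# Pattern from the Name property; fullmatch() anchors it. re.ASCII limits \w to
# [A-Za-z0-9_], an assumption about the service's regex flavor.
NAME_RE = re.compile(r"[\w+=,.@-]+", re.ASCII)

def check_sso_instances(template):
    """Return findings for every AWS::SSO::Instance in a parsed template (dict)."""
    findings = []
    instances = {lid: res.get("Properties") or {}
                 for lid, res in template.get("Resources", {}).items()
                 if isinstance(res, dict) and res.get("Type") == "AWS::SSO::Instance"}
    # Only one instance is allowed per account, across all Regions.
    if len(instances) > 1:
        findings.append("template: more than one AWS::SSO::Instance declared")
    for lid, props in instances.items():
        name = props.get("Name")
        if isinstance(name, str):  # Name is optional; intrinsics (dicts) are skipped
            if not 1 <= len(name) <= 32:
                findings.append(f"{lid}: Name length must be 1-32")
            elif not NAME_RE.fullmatch(name):
                findings.append(f"{lid}: Name does not match ^[\\w+=,.@-]+$")
        tags = props.get("Tags")
        if tags is None:
            continue
        if not isinstance(tags, list):
            findings.append(f"{lid}: Tags must be an array of Tag")
        elif len(tags) > 75:
            findings.append(f"{lid}: more than 75 tags")
        # Assumption: a Tag is an object with exactly the fields Key and Value.
        elif any(not isinstance(t, dict) or set(t) != {"Key", "Value"} for t in tags):
            findings.append(f"{lid}: each Tag needs Key and Value")
    return findings

# Constructed sample template, already parsed from JSON/YAML into a dict.
SAMPLE = {"Resources": {
    "Good": {"Type": "AWS::SSO::Instance", "Properties": {
        "Name": "InstanceExample",
        "Tags": [{"Key": "InstanceTagKey1", "Value": "InstanceTagValue1"}]}},
    "Bad": {"Type": "AWS::SSO::Instance", "Properties": {
        "Name": "my instance!",
        "Tags": {"InstanceTagKey1": "InstanceTagValue1"}}},
}}

if __name__ == "__main__":
    for finding in check_sso_instances(SAMPLE):
        print(finding)
```

A clean result only means the template is well-formed; the service still rejects the request in the organization management account or when an instance already exists.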