AWS::SSO::Application
Creates an OAuth 2.0 customer managed application in IAM Identity Center for the given application provider.
Note
This API does not support creating SAML 2.0 customer managed applications or AWS managed applications. To learn how to create an AWS managed application, see the application user guide. You can create a SAML 2.0 customer managed application in the AWS Management Console only. See Setting up customer managed SAML 2.0 applications. For more information on these application types, see AWS managed applications.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::SSO::Application", "Properties" : { "ApplicationProviderArn" :String, "Description" :String, "InstanceArn" :String, "Name" :String, "PortalOptions" :PortalOptionsConfiguration, "Status" :String, "Tags" :[ Tag, ... ]} }
YAML
Type: AWS::SSO::Application Properties: ApplicationProviderArn:StringDescription:StringInstanceArn:StringName:StringPortalOptions:PortalOptionsConfigurationStatus:StringTags:- Tag
Properties
ApplicationProviderArn-
The ARN of the application provider for this application.
Required: Yes
Type: String
Pattern:
^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso::aws:applicationProvider/[a-zA-Z0-9-/]+$Minimum:
10Maximum:
1224Update requires: Replacement
Description-
The description of the application.
Required: No
Type: String
Minimum:
1Maximum:
128Update requires: No interruption
InstanceArn-
The ARN of the instance of IAM Identity Center that is configured with this application.
Required: Yes
Type: String
Pattern:
^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$Minimum:
10Maximum:
1224Update requires: Replacement
Name-
The name of the application.
Required: Yes
Type: String
Pattern:
^[\w+=,.@-]+$Minimum:
0Maximum:
255Update requires: No interruption
PortalOptions-
A structure that describes the options for the access portal associated with this application.
Required: No
Type: PortalOptionsConfiguration
Update requires: No interruption
Status-
The current status of the application in this instance of IAM Identity Center.
Required: No
Type: String
Allowed values:
ENABLED | DISABLEDUpdate requires: No interruption
-
Specifies tags to be attached to the application.
Required: No
Type: Array of Tag
Maximum:
75Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns a generated ID, combined by all fields with the delimiter
|.
For more information about using the Ref function, see Ref.
Fn::GetAtt
ApplicationArn-
The ARN of the application.
Examples
Creating an application in IAM Identity Center
The following example creates a new custom application with an Application URL sign-in option.
JSON
{ "Type" : "AWS::SSO::Application", "Properties" : { "ApplicationProviderArn" : "arn:sso::aws:applicationProvider/example", "Description" : "This is a sample application", "InstanceArn" : "arn:aws:sso:::instance/ssoins-instanceId", "Name" : "Application", "PortalOptions" : { "SignInOptions" : { "ApplicationUrl" : "http://www.example.com", "Origin" : "APPLICATION" }, "Visibility" : "ENABLED" }, "Status" : "ENABLED", "Tags": [ { "Key": "tagKey", "Value": "tagValue" } ] } }
YAML
Type: AWS::SSO::Application Properties: ApplicationProviderArn: arn:sso::aws:applicationProvider/example Description: This is a sample application InstanceArn: arn:aws:sso:::instance/ssoins-instanceId Name: Application PortalOptions: SignInOptions: ApplicationUrl: http://www.example.com Origin: APPLICATION Visibility: ENABLED Status: ENABLED Tags: - Key: tagKey Value: tagValue
