# CreatePermissionSet
Creates a permission set within a specified IAM Identity Center instance.
**Note**
To grant users and groups access to AWS account resources, use ` CreateAccountAssignment `.
## Request Syntax
```
{
"Description": "string",
"InstanceArn": "string",
"Name": "string",
"RelayState": "string",
"SessionDuration": "string",
"Tags": [
{
"Key": "string",
"Value": "string"
}
]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [Description](#API_CreatePermissionSet_RequestSyntax) **
The description of the [PermissionSet](API_PermissionSet.md).
Type: String
Length Constraints: Minimum length of 1. Maximum length of 700.
Pattern: `[\u0009\u000A\u000D\u0020-\u007E\u00A1-\u00FF]*`
Required: No
** [InstanceArn](#API_CreatePermissionSet_RequestSyntax) **
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](/general/latest/gr/aws-arns-and-namespaces.html) in the * AWS General Reference*.
Type: String
Length Constraints: Minimum length of 10. Maximum length of 1224.
Pattern: `arn:aws(-[a-z]{1,5}){0,3}:sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}`
Required: Yes
** [Name](#API_CreatePermissionSet_RequestSyntax) **
The name of the [PermissionSet](API_PermissionSet.md).
Type: String
Length Constraints: Minimum length of 1. Maximum length of 32.
Pattern: `[\w+=,.@-]+`
Required: Yes
** [RelayState](#API_CreatePermissionSet_RequestSyntax) **
Used to redirect users within the application during the federation authentication process.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 240.
Pattern: `[a-zA-Z0-9&$@#\\\/%?=~\-_'"|!:,.;*+\[\]\ \(\)\{\}]+`
Required: No
** [SessionDuration](#API_CreatePermissionSet_RequestSyntax) **
The length of time that the application user sessions are valid in the ISO-8601 standard.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 100.
Pattern: `(-?)P(?=\d|T\d)(?:(\d+)Y)?(?:(\d+)M)?(?:(\d+)([DW]))?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+(?:\.\d+)?)S)?)?`
Required: No
** [Tags](#API_CreatePermissionSet_RequestSyntax) **
The tags to attach to the new [PermissionSet](API_PermissionSet.md).
Type: Array of [Tag](API_Tag.md) objects
Array Members: Minimum number of 0 items. Maximum number of 75 items.
Required: No
## Response Syntax
```
{
"PermissionSet": {
"CreatedDate": number,
"Description": "string",
"Name": "string",
"PermissionSetArn": "string",
"RelayState": "string",
"SessionDuration": "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [PermissionSet](#API_CreatePermissionSet_ResponseSyntax) **
Defines the level of access on an AWS account.
Type: [PermissionSet](API_PermissionSet.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** AccessDeniedException **
You do not have sufficient access to perform this action.
** Reason **
The reason for the access denied exception.
HTTP Status Code: 400
** ConflictException **
Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.
HTTP Status Code: 400
** InternalServerException **
The request processing has failed because of an unknown error, exception, or failure with an internal server.
HTTP Status Code: 500
** ResourceNotFoundException **
Indicates that a requested resource is not found.
** Reason **
The reason for the resource not found exception.
HTTP Status Code: 400
** ServiceQuotaExceededException **
Indicates that the principal has crossed the permitted number of resources that can be created.
HTTP Status Code: 400
** ThrottlingException **
Indicates that the principal has crossed the throttling limits of the API operations.
** Reason **
The reason for the throttling exception.
HTTP Status Code: 400
** ValidationException **
The request failed because it contains a syntax error.
** Reason **
The reason for the validation exception.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/sso-admin-2020-07-20/CreatePermissionSet)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/sso-admin-2020-07-20/CreatePermissionSet)