AccessControlAttribute
These are IAM Identity Center identity store attributes that you can configure for use in
attributes-based access control (ABAC). You can create permissions policies that
determine who can access your AWS resources based upon the configured attribute
values. When you enable ABAC and specify AccessControlAttributes, IAM Identity Center
passes the attribute values of the authenticated user into IAM for use in policy
evaluation.
Contents
- Key
-
The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\p{L}\p{Z}\p{N}_.:\/=+\-@]+Required: Yes
- Value
-
The value used for mapping a specified attribute to an identity source.
Type: AccessControlAttributeValue object
Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
