String key
The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center.
AccessControlAttributeValue value
The value used for mapping a specified attribute to an identity source.
String accountId
The identifier of the Amazon Web Services account.
String permissionSetArn
The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String principalId
An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
String principalType
The entity type for which the assignment will be created.
String accountId
The account ID number of the Amazon Web Services account.
String permissionSetArn
The ARN of the IAM Identity Center permission set assigned to this principal for this Amazon Web Services account.
String principalId
The ID of the principal.
String principalType
The type of the principal.
Date createdDate
The date that the permission set was created.
String failureReason
The message that contains an error or exception in case of an operation failure.
String permissionSetArn
The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String principalId
An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
String principalType
The entity type for which the assignment will be created.
String requestId
The identifier for tracking the request operation that is generated by the universally unique identifier (UUID) workflow.
String status
The status of the permission set provisioning process.
String targetId
TargetID is an Amazon Web Services account identifier, (For example, 123456789012).
String targetType
The entity type for which the assignment will be created.
String applicationAccount
The Amazon Web Services account ID number of the application.
String applicationArn
The ARN of the application.
String applicationProviderArn
The ARN of the application provider for this application.
Date createdDate
The date and time when the application was originally created.
String description
The description of the application.
String instanceArn
The ARN of the instance of IAM Identity Center that is configured with this application.
String name
The name of the application.
PortalOptions portalOptions
A structure that describes the options for the access portal associated with this application.
String status
The current status of the application in this instance of IAM Identity Center.
String applicationProviderArn
The ARN of the application provider.
DisplayData displayData
A structure that describes how IAM Identity Center represents the application provider in the portal.
String federationProtocol
The protocol that the application provider uses to perform federation.
ResourceServerConfig resourceServerConfig
A structure that describes the application provider's resource server.
CustomerManagedPolicyReference customerManagedPolicyReference
Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
String permissionSetArn
The ARN of the PermissionSet.
String arn
The ARN of the Amazon Web Services managed policy. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String name
The name of the Amazon Web Services managed policy.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String managedPolicyArn
The Amazon Web Services managed policy ARN to be attached to a permission set.
String permissionSetArn
The ARN of the PermissionSet that the managed policy should be attached to.
AuthenticationMethod authenticationMethod
A structure that describes an authentication method. The contents of this structure is determined by the
AuthenticationMethodType.
String authenticationMethodType
The type of authentication that is used by this method.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set that the admin wants to grant the principal access to.
String principalId
An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
String principalType
The entity type for which the assignment will be created.
String targetId
TargetID is an Amazon Web Services account identifier, (For example, 123456789012).
String targetType
The entity type for which the assignment will be created.
AccountAssignmentOperationStatus accountAssignmentCreationStatus
The status object for the account assignment creation operation.
String applicationArn
The ARN of the application provider under which the operation will run.
String principalId
An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
String principalType
The entity type for which the assignment will be created.
String applicationProviderArn
The ARN of the application provider under which the operation will run.
String clientToken
Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken, but with different parameters, the retry fails
with an IdempotentParameterMismatch error.
String description
The description of the .
String instanceArn
The ARN of the instance of IAM Identity Center under which the operation will run. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String name
The name of the .
PortalOptions portalOptions
A structure that describes the options for the portal associated with an application.
String status
Specifies whether the application is enabled or disabled.
List<E> tags
Specifies tags to be attached to the application.
String applicationArn
Specifies the ARN of the application.
InstanceAccessControlAttributeConfiguration instanceAccessControlAttributeConfiguration
Specifies the IAM Identity Center identity store attributes to add to your ABAC configuration. When using an external identity provider as an identity source, you can pass attributes through the SAML assertion. Doing so provides an alternative to configuring attributes from the IAM Identity Center identity store. If a SAML assertion passes any of these attributes, IAM Identity Center will replace the attribute value with the value from the IAM Identity Center identity store.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
String clientToken
Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken, but with different parameters, the retry fails
with an IdempotentParameterMismatch error.
String name
The name of the instance of IAM Identity Center.
List<E> tags
Specifies tags to be attached to the instance of IAM Identity Center.
String instanceArn
The ARN of the instance of IAM Identity Center under which the operation will run.
For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String description
The description of the PermissionSet.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String name
The name of the PermissionSet.
String relayState
Used to redirect users within the application during the federation authentication process.
String sessionDuration
The length of time that the application user sessions are valid in the ISO-8601 standard.
List<E> tags
The tags to attach to the new PermissionSet.
PermissionSet permissionSet
Defines the level of access on an Amazon Web Services account.
String clientToken
Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value..
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken, but with different parameters, the retry fails
with an IdempotentParameterMismatch error.
String instanceArn
Specifies the ARN of the instance of IAM Identity Center to contain the new trusted token issuer configuration.
String name
Specifies the name of the new trusted token issuer configuration.
List<E> tags
Specifies tags to be attached to the new trusted token issuer configuration.
TrustedTokenIssuerConfiguration trustedTokenIssuerConfiguration
Specifies settings that apply to the new trusted token issuer configuration. The settings that are available
depend on what TrustedTokenIssuerType you specify.
String trustedTokenIssuerType
Specifies the type of the new trusted token issuer.
String trustedTokenIssuerArn
The ARN of the new trusted token issuer configuration.
String name
The name of the IAM policy that you have configured in each account where you want to deploy your permission set.
String path
The path to the IAM policy that you have configured in each account where you want to deploy your permission set.
The default is /. For more information, see Friendly names and paths in the IAM User Guide.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set that will be used to remove access.
String principalId
An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
String principalType
The entity type for which the assignment will be deleted.
String targetId
TargetID is an Amazon Web Services account identifier, (For example, 123456789012).
String targetType
The entity type for which the assignment will be deleted.
AccountAssignmentOperationStatus accountAssignmentDeletionStatus
The status object for the account assignment deletion operation.
String applicationArn
Specifies the ARN of the application.
String principalId
An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
String principalType
The entity type for which the assignment will be deleted.
String applicationArn
Specifies the ARN of the application. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set that will be used to remove access.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
String instanceArn
The ARN of the instance of IAM Identity Center under which the operation will run.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set that should be deleted.
String trustedTokenIssuerArn
Specifies the ARN of the trusted token issuer configuration to delete.
String accountAssignmentCreationRequestId
The identifier that is used to track the request operation progress.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
AccountAssignmentOperationStatus accountAssignmentCreationStatus
The status object for the account assignment creation operation.
String accountAssignmentDeletionRequestId
The identifier that is used to track the request operation progress.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
AccountAssignmentOperationStatus accountAssignmentDeletionStatus
The status object for the account assignment deletion operation.
String applicationArn
Specifies the ARN of the application. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String principalId
An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
String principalType
The entity type for which the assignment will be created.
String applicationArn
Specifies the ARN of the application. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String principalId
An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.
String principalType
The entity type for which the assignment will be created.
String applicationProviderArn
Specifies the ARN of the application provider for which you want details.
String applicationProviderArn
The ARN of the application provider.
DisplayData displayData
A structure with details about the display data for the application provider.
String federationProtocol
The protocol used to federate to the application provider.
ResourceServerConfig resourceServerConfig
A structure with details about the receiving application.
String applicationArn
Specifies the ARN of the application. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String applicationAccount
The account ID.
String applicationArn
Specifies the ARN of the application.
String applicationProviderArn
The ARN of the application provider under which the operation will run.
Date createdDate
The date the application was created.
String description
The description of the .
String instanceArn
The ARN of the IAM Identity Center application under which the operation will run. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String name
The application name.
PortalOptions portalOptions
A structure that describes the options for the portal associated with an application.
String status
Specifies whether the application is enabled or disabled.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
InstanceAccessControlAttributeConfiguration instanceAccessControlAttributeConfiguration
Gets the list of IAM Identity Center identity store attributes that have been added to your ABAC configuration.
String status
The status of the attribute configuration process.
String statusReason
Provides more details about the current status of the specified attribute.
String instanceArn
The ARN of the instance of IAM Identity Center under which the operation will run.
Date createdDate
The date the instance was created.
String identityStoreId
The identifier of the identity store that is connected to the instance of IAM Identity Center.
String instanceArn
The ARN of the instance of IAM Identity Center under which the operation will run. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String name
Specifies the instance name.
String ownerAccountId
The identifier of the Amazon Web Services account for which the instance was created.
String status
The status of the instance.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String provisionPermissionSetRequestId
The identifier that is provided by the ProvisionPermissionSet call to retrieve the current status of the provisioning workflow.
PermissionSetProvisioningStatus permissionSetProvisioningStatus
The status object for the permission set provisioning operation.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set.
PermissionSet permissionSet
Describes the level of access on an Amazon Web Services account.
String trustedTokenIssuerArn
Specifies the ARN of the trusted token issuer configuration that you want details about.
String name
The name of the trusted token issuer configuration.
String trustedTokenIssuerArn
The ARN of the trusted token issuer configuration.
TrustedTokenIssuerConfiguration trustedTokenIssuerConfiguration
A structure the describes the settings that apply of this trusted token issuer.
String trustedTokenIssuerType
The type of the trusted token issuer.
CustomerManagedPolicyReference customerManagedPolicyReference
Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
String permissionSetArn
The ARN of the PermissionSet.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String managedPolicyArn
The Amazon Web Services managed policy ARN to be detached from a permission set.
String permissionSetArn
The ARN of the PermissionSet from which the policy should be detached.
String applicationArn
Specifies the ARN of the application. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Boolean assignmentRequired
If AssignmentsRequired is true (default value), users don’t have access to the
application unless an assignment is created using the CreateApplicationAssignment API. If false, all users have access to the application.
AuthenticationMethod authenticationMethod
A structure that contains details about the requested authentication method.
Grant grant
A structure that describes the requested grant.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set.
String inlinePolicy
The inline policy that is attached to the permission set.
For Length Constraints, if a valid ARN is provided for a permission set, it is possible for an empty
inline policy to be returned.
PermissionsBoundary permissionsBoundary
The permissions boundary attached to the specified permission set.
AuthorizationCodeGrant authorizationCode
Configuration options for the authorization_code grant type.
JwtBearerGrant jwtBearer
Configuration options for the urn:ietf:params:oauth:grant-type:jwt-bearer grant type.
RefreshTokenGrant refreshToken
Configuration options for the refresh_token grant type.
TokenExchangeGrant tokenExchange
Configuration options for the urn:ietf:params:oauth:grant-type:token-exchange grant type.
Date createdDate
The date and time that the Identity Center instance was created.
String identityStoreId
The identifier of the identity store that is connected to the Identity Center instance.
String instanceArn
The ARN of the Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String name
The name of the Identity Center instance.
String ownerAccountId
The Amazon Web Services account ID number of the owner of the Identity Center instance.
String status
The current status of this Identity Center instance.
OperationStatusFilter filter
Filters results based on the passed attribute value.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
The maximum number of results to display for the assignment.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
OperationStatusFilter filter
Filters results based on the passed attribute value.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
The maximum number of results to display for the assignment.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String accountId
The ID number of an Amazon Web Services account that filters the results in the response.
ListAccountAssignmentsFilter filter
Specifies an Amazon Web Services account ID number. Results are filtered to only those that match this ID number.
String instanceArn
Specifies the ARN of the instance of IAM Identity Center that contains the principal.
Integer maxResults
Specifies the total number of results that you want included in each response. If additional items exist beyond
the number you specify, the NextToken response element is returned with a value (not null). Include
the specified value as the NextToken request parameter in the next call to the operation to get the
next set of results. Note that the service might return fewer results than the maximum even when there are more
results available. You should check NextToken after every operation to ensure that you receive all
of the results.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
String principalId
Specifies the principal for which you want to retrieve the list of account assignments.
String principalType
Specifies the type of the principal.
List<E> accountAssignments
An array list of the account assignments for the principal.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
String accountId
The identifier of the Amazon Web Services account from which to list the assignments.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
The maximum number of results to display for the assignment.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String permissionSetArn
The ARN of the permission set from which to list assignments.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
The maximum number of results to display for the PermissionSet.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String permissionSetArn
The ARN of the PermissionSet from which the associated Amazon Web Services accounts will be listed.
String provisioningStatus
The permission set provisioning status for an Amazon Web Services account.
String applicationArn
Specifies the ARN of the application.
Integer maxResults
Specifies the total number of results that you want included in each response. If additional items exist beyond
the number you specify, the NextToken response element is returned with a value (not null). Include
the specified value as the NextToken request parameter in the next call to the operation to get the
next set of results. Note that the service might return fewer results than the maximum even when there are more
results available. You should check NextToken after every operation to ensure that you receive all
of the results.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
List<E> scopes
An array list of access scopes and their authorized targets that are associated with the application.
String applicationArn
The ARN of an application.
ListApplicationAssignmentsFilter filter
Filters the output to include only assignments associated with the application that has the specified ARN.
String instanceArn
Specifies the instance of IAM Identity Center that contains principal and applications.
Integer maxResults
Specifies the total number of results that you want included in each response. If additional items exist beyond
the number you specify, the NextToken response element is returned with a value (not null). Include
the specified value as the NextToken request parameter in the next call to the operation to get the
next set of results. Note that the service might return fewer results than the maximum even when there are more
results available. You should check NextToken after every operation to ensure that you receive all
of the results.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
String principalId
Specifies the unique identifier of the principal for which you want to retrieve its assignments.
String principalType
Specifies the type of the principal for which you want to retrieve its assignments.
List<E> applicationAssignments
An array list of the application assignments for the specified principal.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
String applicationArn
Specifies the ARN of the application.
Integer maxResults
Specifies the total number of results that you want included in each response. If additional items exist beyond
the number you specify, the NextToken response element is returned with a value (not null). Include
the specified value as the NextToken request parameter in the next call to the operation to get the
next set of results. Note that the service might return fewer results than the maximum even when there are more
results available. You should check NextToken after every operation to ensure that you receive all
of the results.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
List<E> applicationAssignments
The list of users assigned to an application.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
String applicationArn
Specifies the ARN of the application with the authentication methods you want to list.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
List<E> authenticationMethods
An array list of authentication methods for the specified application.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
String applicationArn
Specifies the ARN of the application whose grants you want to list.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
List<E> grants
An array list of structures that describe the requested grants.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
Integer maxResults
Specifies the total number of results that you want included in each response. If additional items exist beyond
the number you specify, the NextToken response element is returned with a value (not null). Include
the specified value as the NextToken request parameter in the next call to the operation to get the
next set of results. Note that the service might return fewer results than the maximum even when there are more
results available. You should check NextToken after every operation to ensure that you receive all
of the results.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
List<E> applicationProviders
An array list of structures that describe application providers.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
ListApplicationsFilter filter
Filters response results.
String instanceArn
The ARN of the IAM Identity Center application under which the operation will run. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
Specifies the total number of results that you want included in each response. If additional items exist beyond
the number you specify, the NextToken response element is returned with a value (not null). Include
the specified value as the NextToken request parameter in the next call to the operation to get the
next set of results. Note that the service might return fewer results than the maximum even when there are more
results available. You should check NextToken after every operation to ensure that you receive all
of the results.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
List<E> applications
Retrieves all applications associated with the instance.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
Integer maxResults
The maximum number of results to display for the list call.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String permissionSetArn
The ARN of the PermissionSet.
List<E> customerManagedPolicyReferences
Specifies the names and paths of the customer managed policies that you have attached to your permission set.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
The maximum number of results to display for the PermissionSet.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String permissionSetArn
The ARN of the PermissionSet whose managed policies will be listed.
List<E> attachedManagedPolicies
An array of the AttachedManagedPolicy data type object.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
OperationStatusFilter filter
Filters results based on the passed attribute value.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
The maximum number of results to display for the assignment.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String accountId
The identifier of the Amazon Web Services account from which to list the assignments.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
The maximum number of results to display for the assignment.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String provisioningStatus
The status object for the permission set provisioning operation.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Integer maxResults
The maximum number of results to display for the assignment.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String nextToken
The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
String resourceArn
The ARN of the resource with the tags to be listed.
String instanceArn
Specifies the ARN of the instance of IAM Identity Center with the trusted token issuer configurations that you want to list.
Integer maxResults
Specifies the total number of results that you want included in each response. If additional items exist beyond
the number you specify, the NextToken response element is returned with a value (not null). Include
the specified value as the NextToken request parameter in the next call to the operation to get the
next set of results. Note that the service might return fewer results than the maximum even when there are more
results available. You should check NextToken after every operation to ensure that you receive all
of the results.
String nextToken
Specifies that you want to receive the next page of results. Valid only if you received a NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to
the value provided by the previous call's NextToken response to request the next page of results.
String nextToken
If present, this value indicates that more output is available than is included in the current response. Use this
value in the NextToken request parameter in a subsequent call to the operation to get the next part
of the output. You should repeat this until the NextToken response element comes back as
null. This indicates that this is the last page of results.
List<E> trustedTokenIssuers
An array list of the trusted token issuer configurations.
String claimAttributePath
The path of the source attribute in the JWT from the trusted token issuer. The attribute mapped by this JMESPath
expression is compared against the attribute mapped by IdentityStoreAttributePath when a trusted
token issuer token is exchanged for an IAM Identity Center token.
String identityStoreAttributePath
The path of the destination attribute in a JWT from IAM Identity Center. The attribute mapped by this JMESPath
expression is compared against the attribute mapped by ClaimAttributePath when a trusted token
issuer token is exchanged for an IAM Identity Center token.
String issuerUrl
The URL that IAM Identity Center uses for OpenID Discovery. OpenID Discovery is used to obtain the information required to verify the tokens that the trusted token issuer generates.
String jwksRetrievalOption
The method that the trusted token issuer can use to retrieve the JSON Web Key Set used to verify a JWT.
String claimAttributePath
The path of the source attribute in the JWT from the trusted token issuer. The attribute mapped by this JMESPath
expression is compared against the attribute mapped by IdentityStoreAttributePath when a trusted
token issuer token is exchanged for an IAM Identity Center token.
String identityStoreAttributePath
The path of the destination attribute in a JWT from IAM Identity Center. The attribute mapped by this JMESPath
expression is compared against the attribute mapped by ClaimAttributePath when a trusted token
issuer token is exchanged for an IAM Identity Center token.
String jwksRetrievalOption
The method that the trusted token issuer can use to retrieve the JSON Web Key Set used to verify a JWT.
String status
Filters the list operations result based on the status attribute.
CustomerManagedPolicyReference customerManagedPolicyReference
Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
String managedPolicyArn
The Amazon Web Services managed policy ARN that you want to attach to a permission set as a permissions boundary.
Date createdDate
The date that the permission set was created.
String description
The description of the PermissionSet.
String name
The name of the permission set.
String permissionSetArn
The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String relayState
Used to redirect users within the application during the federation authentication process.
String sessionDuration
The length of time that the application user sessions are valid for in the ISO-8601 standard.
String accountId
The identifier of the Amazon Web Services account from which to list the assignments.
Date createdDate
The date that the permission set was created.
String failureReason
The message that contains an error or exception in case of an operation failure.
String permissionSetArn
The ARN of the permission set that is being provisioned. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String requestId
The identifier for tracking the request operation that is generated by the universally unique identifier (UUID) workflow.
String status
The status of the permission set provisioning process.
SignInOptions signInOptions
A structure that describes the sign-in options for the access portal.
String visibility
Indicates whether this application is visible in the access portal.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set.
String targetId
TargetID is an Amazon Web Services account identifier, (For example, 123456789012).
String targetType
The entity type for which the assignment will be created.
PermissionSetProvisioningStatus permissionSetProvisioningStatus
The status object for the permission set provisioning operation.
String applicationArn
Specifies the ARN of the application with the access scope with the targets to add or update.
List<E> authorizedTargets
Specifies an array list of ARNs that represent the authorized targets for this access scope.
String scope
Specifies the name of the access scope to be associated with the specified targets.
String applicationArn
Specifies the ARN of the application. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
Boolean assignmentRequired
If AssignmentsRequired is true (default value), users don’t have access to the
application unless an assignment is created using the CreateApplicationAssignment API. If false, all users have access to the application.
String applicationArn
Specifies the ARN of the application with the authentication method to add or update.
AuthenticationMethod authenticationMethod
Specifies a structure that describes the authentication method to add or update. The structure type you provide
is determined by the AuthenticationMethodType parameter.
String authenticationMethodType
Specifies the type of the authentication method that you want to add or update.
String inlinePolicy
The inline policy to attach to a PermissionSet.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
String permissionSetArn
The ARN of the PermissionSet.
PermissionsBoundary permissionsBoundary
The permissions boundary that you want to attach to a PermissionSet.
String applicationUrl
The URL that accepts authentication requests for an application. This is a required parameter if the
Origin parameter is APPLICATION.
String origin
This determines how IAM Identity Center navigates the user to the target application. It can be one of the following values:
APPLICATION: IAM Identity Center redirects the customer to the configured
ApplicationUrl.
IDENTITY_CENTER: IAM Identity Center uses SAML identity-provider initiated authentication to sign
the customer directly into a SAML-based application.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String resourceArn
The ARN of the resource with the tags to be listed.
List<E> tags
A set of key-value pairs that are used to manage the resource.
OidcJwtConfiguration oidcJwtConfiguration
A structure that describes the settings for a trusted token issuer that works with OpenID Connect (OIDC) by using JSON Web Tokens (JWT).
String name
The name of the trusted token issuer configuration in the instance of IAM Identity Center.
String trustedTokenIssuerArn
The ARN of the trusted token issuer configuration in the instance of IAM Identity Center.
String trustedTokenIssuerType
The type of trusted token issuer.
OidcJwtUpdateConfiguration oidcJwtConfiguration
A structure that describes an updated configuration for a trusted token issuer that uses OpenID Connect (OIDC) with JSON web tokens (JWT).
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String resourceArn
The ARN of the resource with the tags to be listed.
List<E> tagKeys
The keys of tags that are attached to the resource.
SignInOptions signInOptions
String applicationArn
Specifies the ARN of the application. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String description
The description of the .
String name
Specifies the updated name for the application.
UpdateApplicationPortalOptions portalOptions
A structure that describes the options for the portal associated with an application.
String status
Specifies whether the application is enabled or disabled.
InstanceAccessControlAttributeConfiguration instanceAccessControlAttributeConfiguration
Updates the attributes for your ABAC configuration.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed.
String instanceArn
The ARN of the instance of IAM Identity Center under which the operation will run. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String name
Updates the instance name.
String description
The description of the PermissionSet.
String instanceArn
The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
String permissionSetArn
The ARN of the permission set.
String relayState
Used to redirect users within the application during the federation authentication process.
String sessionDuration
The length of time that the application user sessions are valid for in the ISO-8601 standard.
String name
Specifies the updated name to be applied to the trusted token issuer configuration.
String trustedTokenIssuerArn
Specifies the ARN of the trusted token issuer configuration that you want to update.
TrustedTokenIssuerUpdateConfiguration trustedTokenIssuerConfiguration
Specifies a structure with settings to apply to the specified trusted token issuer. The settings that you can provide are determined by the type of the trusted token issuer that you are updating.
Copyright © 2024. All rights reserved.