assignment

Gets an individual assignment resource

Overview

Name	`assignment`
Type	Resource
Description	assignment
Id	`awscc.sso.assignment`

Fields

Name	Datatype	Description
`instance_arn`	`string`	The sso instance that the permission set is owned.
`target_id`	`string`	The account id to be provisioned.
`target_type`	`string`	The type of resource to be provsioned to, only aws account now
`permission_set_arn`	`string`	The permission set that the assignemt will be assigned
`principal_type`	`string`	The assignee's type, user/group
`principal_id`	`string`	The assignee's identifier, user id/group id
`region`	`string`	AWS region.

Methods

Currently only SELECT is supported for this resource resource.

Example

SELECT
region,
instance_arn,
target_id,
target_type,
permission_set_arn,
principal_type,
principal_id
FROM awscc.sso.assignment
WHERE data__Identifier = '<InstanceArn>|<TargetId>|<TargetType>|<PermissionSetArn>|<PrincipalType>|<PrincipalId>';

Permissions

To operate on the assignment resource, the following permissions are required:

Read

sso:ListAccountAssignments,
iam:GetSAMLProvider,
iam:ListRolePolicies

Delete

sso:ListAccountAssignments,
sso:DeleteAccountAssignment,
sso:DescribeAccountAssignmentDeletionStatus,
iam:GetSAMLProvider,
iam:ListRolePolicies

Overview​

Fields​

Methods​

Example​

Permissions​

Read​

Delete​

Overview

Fields

Methods

Example

Permissions

Read

Delete