assignments

Retrieves a list of assignments in a region

Overview

Name	`assignments`
Type	Resource
Description	assignments
Id	`awscc.sso.assignments`

Fields

Name	Datatype	Description
`instance_arn`	`string`	The sso instance that the permission set is owned.
`target_id`	`string`	The account id to be provisioned.
`target_type`	`string`	The type of resource to be provsioned to, only aws account now
`permission_set_arn`	`string`	The permission set that the assignemt will be assigned
`principal_type`	`string`	The assignee's type, user/group
`principal_id`	`string`	The assignee's identifier, user id/group id
`region`	`string`	AWS region.

Methods

Currently only SELECT is supported for this resource resource.

Example

SELECT
region,
instance_arn,
target_id,
target_type,
permission_set_arn,
principal_type,
principal_id
FROM awscc.sso.assignments
WHERE region = 'us-east-1'

Permissions

To operate on the assignments resource, the following permissions are required:

Create

sso:CreateAccountAssignment,
sso:DescribeAccountAssignmentCreationStatus,
sso:ListAccountAssignments,
iam:GetSAMLProvider,
iam:CreateSAMLProvider,
iam:AttachRolePolicy,
iam:PutRolePolicy,
iam:CreateRole,
iam:ListRolePolicies

List

sso:ListAccountAssignments,
iam:ListRolePolicies

Overview​

Fields​

Methods​

Example​

Permissions​

Create​

List​

Overview

Fields

Methods

Example

Permissions

Create

List