permission_set
Gets an individual permission_set resource
Overview
| Name | permission_set |
| Type | Resource |
| Description | permission_set |
| Id | awscc.sso.permission_set |
Fields
| Name | Datatype | Description |
|---|---|---|
name | string | The name you want to assign to this permission set. |
permission_set_arn | string | The permission set that the policy will be attached to |
description | string | The permission set description. |
instance_arn | string | The sso instance arn that the permission set is owned. |
session_duration | string | The length of time that a user can be signed in to an AWS account. |
relay_state_type | string | The relay state URL that redirect links to any service in the AWS Management Console. |
managed_policies | array | |
inline_policy | object | The inline policy to put in permission set. |
tags | array | |
customer_managed_policy_references | array | |
permissions_boundary | object | |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
name,
permission_set_arn,
description,
instance_arn,
session_duration,
relay_state_type,
managed_policies,
inline_policy,
tags,
customer_managed_policy_references,
permissions_boundary
FROM awscc.sso.permission_set
WHERE data__Identifier = '<InstanceArn>|<PermissionSetArn>';
Permissions
To operate on the permission_set resource, the following permissions are required:
Read
sso:DescribePermissionSet,
sso:ListTagsForResource,
sso:ListManagedPoliciesInPermissionSet,
sso:ListCustomerManagedPolicyReferencesInPermissionSet,
sso:GetInlinePolicyForPermissionSet,
sso:GetPermissionsBoundaryForPermissionSet
Update
sso:UpdatePermissionSet,
sso:TagResource,
sso:UntagResource,
sso:ListTagsForResource,
sso:AttachManagedPolicyToPermissionSet,
sso:AttachCustomerManagedPolicyReferenceToPermissionSet,
sso:DetachManagedPolicyFromPermissionSet,
sso:DetachCustomerManagedPolicyReferenceFromPermissionSet,
sso:ListManagedPoliciesInPermissionSet,
sso:ListCustomerManagedPolicyReferencesInPermissionSet,
sso:PutInlinePolicyToPermissionSet,
sso:GetPermissionsBoundaryForPermissionSet,
sso:DeletePermissionsBoundaryFromPermissionSet,
sso:PutPermissionsBoundaryToPermissionSet,
sso:DeleteInlinePolicyFromPermissionSet,
sso:ProvisionPermissionSet,
sso:DescribePermissionSet,
sso:GetInlinePolicyForPermissionSet,
sso:DescribePermissionSetProvisioningStatus
Delete
sso:DeletePermissionSet