pulumi-aws-kotlin/com.pulumi.aws.ssoadmin.kotlin/PermissionsBoundaryAttachmentArgs

PermissionsBoundaryAttachmentArgs

data class PermissionsBoundaryAttachmentArgs(val instanceArn: Output<String>? = null, val permissionSetArn: Output<String>? = null, val permissionsBoundary: Output<PermissionsBoundaryAttachmentPermissionsBoundaryArgs>? = null) : ConvertibleToJava<PermissionsBoundaryAttachmentArgs>

Attaches a permissions boundary policy to a Single Sign-On (SSO) Permission Set resource.

NOTE: A permission set can have at most one permissions boundary attached; using more than one aws.ssoadmin.PermissionsBoundaryAttachment references the same permission set will show a permanent difference.

Example Usage

Attaching an AWS-managed policy

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ssoadmin.PermissionsBoundaryAttachment;
import com.pulumi.aws.ssoadmin.PermissionsBoundaryAttachmentArgs;
import com.pulumi.aws.ssoadmin.inputs.PermissionsBoundaryAttachmentPermissionsBoundaryArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new PermissionsBoundaryAttachment("example", PermissionsBoundaryAttachmentArgs.builder()
            .instanceArn(aws_ssoadmin_permission_set.example().instance_arn())
            .permissionSetArn(aws_ssoadmin_permission_set.example().arn())
            .permissionsBoundary(PermissionsBoundaryAttachmentPermissionsBoundaryArgs.builder()
                .managedPolicyArn("arn:aws:iam::aws:policy/ReadOnlyAccess")
                .build())
            .build());
    }
}
Content copied to clipboard

Import

SSO Admin Permissions Boundary Attachments can be imported using the permission_set_arn and instance_arn, separated by a comma (,) e.g.,

$ pulumi import aws:ssoadmin/permissionsBoundaryAttachment:PermissionsBoundaryAttachment example arn:aws:sso:::permissionSet/ssoins-2938j0x8920sbj72/ps-80383020jr9302rk,arn:aws:sso:::instance/ssoins-2938j0x8920sbj72
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(instanceArn: Output<String>? = null, permissionSetArn: Output<String>? = null, permissionsBoundary: Output<PermissionsBoundaryAttachmentPermissionsBoundaryArgs>? = null)

Properties

Link copied to clipboard
val instanceArn: Output<String>? = null

The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.

Link copied to clipboard
val permissionsBoundary: Output<PermissionsBoundaryAttachmentPermissionsBoundaryArgs>? = null

The permissions boundary policy. See below.

Link copied to clipboard
val permissionSetArn: Output<String>? = null

The Amazon Resource Name (ARN) of the Permission Set.

Functions

Link copied to clipboard
open override fun toJava(): PermissionsBoundaryAttachmentArgs