Instance
Provides a Single Sign-On (SSO) ABAC Resource: https://docs.aws.amazon.com/singlesignon/latest/userguide/abac.html
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.ssoadmin.getInstances({});
const exampleInstanceAccessControlAttributes = new aws.ssoadmin.InstanceAccessControlAttributes("example", {
instanceArn: example.then(example => example.arns?.[0]),
attributes: [
{
key: "name",
values: [{
sources: ["${path:name.givenName}"],
}],
},
{
key: "last",
values: [{
sources: ["${path:name.familyName}"],
}],
},
],
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.ssoadmin.get_instances()
example_instance_access_control_attributes = aws.ssoadmin.InstanceAccessControlAttributes("example",
instance_arn=example.arns[0],
attributes=[
{
"key": "name",
"values": [{
"sources": ["${path:name.givenName}"],
}],
},
{
"key": "last",
"values": [{
"sources": ["${path:name.familyName}"],
}],
},
])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.SsoAdmin.GetInstances.Invoke();
var exampleInstanceAccessControlAttributes = new Aws.SsoAdmin.InstanceAccessControlAttributes("example", new()
{
InstanceArn = example.Apply(getInstancesResult => getInstancesResult.Arns[0]),
Attributes = new[]
{
new Aws.SsoAdmin.Inputs.InstanceAccessControlAttributesAttributeArgs
{
Key = "name",
Values = new[]
{
new Aws.SsoAdmin.Inputs.InstanceAccessControlAttributesAttributeValueArgs
{
Sources = new[]
{
"${path:name.givenName}",
},
},
},
},
new Aws.SsoAdmin.Inputs.InstanceAccessControlAttributesAttributeArgs
{
Key = "last",
Values = new[]
{
new Aws.SsoAdmin.Inputs.InstanceAccessControlAttributesAttributeValueArgs
{
Sources = new[]
{
"${path:name.familyName}",
},
},
},
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := ssoadmin.GetInstances(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
_, err = ssoadmin.NewInstanceAccessControlAttributes(ctx, "example", &ssoadmin.InstanceAccessControlAttributesArgs{
InstanceArn: pulumi.String(example.Arns[0]),
Attributes: ssoadmin.InstanceAccessControlAttributesAttributeArray{
&ssoadmin.InstanceAccessControlAttributesAttributeArgs{
Key: pulumi.String("name"),
Values: ssoadmin.InstanceAccessControlAttributesAttributeValueArray{
&ssoadmin.InstanceAccessControlAttributesAttributeValueArgs{
Sources: pulumi.StringArray{
pulumi.String("${path:name.givenName}"),
},
},
},
},
&ssoadmin.InstanceAccessControlAttributesAttributeArgs{
Key: pulumi.String("last"),
Values: ssoadmin.InstanceAccessControlAttributesAttributeValueArray{
&ssoadmin.InstanceAccessControlAttributesAttributeValueArgs{
Sources: pulumi.StringArray{
pulumi.String("${path:name.familyName}"),
},
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ssoadmin.SsoadminFunctions;
import com.pulumi.aws.ssoadmin.InstanceAccessControlAttributes;
import com.pulumi.aws.ssoadmin.InstanceAccessControlAttributesArgs;
import com.pulumi.aws.ssoadmin.inputs.InstanceAccessControlAttributesAttributeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = SsoadminFunctions.getInstances(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);
var exampleInstanceAccessControlAttributes = new InstanceAccessControlAttributes("exampleInstanceAccessControlAttributes", InstanceAccessControlAttributesArgs.builder()
.instanceArn(example.arns()[0])
.attributes(
InstanceAccessControlAttributesAttributeArgs.builder()
.key("name")
.values(InstanceAccessControlAttributesAttributeValueArgs.builder()
.sources("${path:name.givenName}")
.build())
.build(),
InstanceAccessControlAttributesAttributeArgs.builder()
.key("last")
.values(InstanceAccessControlAttributesAttributeValueArgs.builder()
.sources("${path:name.familyName}")
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
exampleInstanceAccessControlAttributes:
type: aws:ssoadmin:InstanceAccessControlAttributes
name: example
properties:
instanceArn: ${example.arns[0]}
attributes:
- key: name
values:
- sources:
- $${path:name.givenName}
- key: last
values:
- sources:
- $${path:name.familyName}
variables:
example:
fn::invoke:
function: aws:ssoadmin:getInstances
arguments: {}Content copied to clipboard
Import
Using pulumi import, import SSO Account Assignments using the instance_arn. For example:
$ pulumi import aws:ssoadmin/instanceAccessControlAttributes:InstanceAccessControlAttributes example arn:aws:sso:::instance/ssoins-0123456789abcdefContent copied to clipboard