pulumi-aws-kotlin/com.pulumi.aws.ssoadmin.kotlin/PermissionSetArgs

PermissionSetArgs

data class PermissionSetArgs(val description: Output<String>? = null, val instanceArn: Output<String>? = null, val name: Output<String>? = null, val relayState: Output<String>? = null, val sessionDuration: Output<String>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<PermissionSetArgs>

Provides a Single Sign-On (SSO) Permission Set resource

NOTE: Updating this resource will automatically Provision the Permission Set to apply the corresponding updates to all assigned accounts.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.ssoadmin.getInstances({});
const examplePermissionSet = new aws.ssoadmin.PermissionSet("example", {
    name: "Example",
    description: "An example",
    instanceArn: example.then(example => example.arns?.[0]),
    relayState: "https://s3.console.aws.amazon.com/s3/home?region=us-east-1#",
    sessionDuration: "PT2H",
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.ssoadmin.get_instances()
example_permission_set = aws.ssoadmin.PermissionSet("example",
    name="Example",
    description="An example",
    instance_arn=example.arns[0],
    relay_state="https://s3.console.aws.amazon.com/s3/home?region=us-east-1#",
    session_duration="PT2H")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = Aws.SsoAdmin.GetInstances.Invoke();
    var examplePermissionSet = new Aws.SsoAdmin.PermissionSet("example", new()
    {
        Name = "Example",
        Description = "An example",
        InstanceArn = example.Apply(getInstancesResult => getInstancesResult.Arns[0]),
        RelayState = "https://s3.console.aws.amazon.com/s3/home?region=us-east-1#",
        SessionDuration = "PT2H",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssoadmin"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := ssoadmin.GetInstances(ctx, map[string]interface{}{}, nil)
		if err != nil {
			return err
		}
		_, err = ssoadmin.NewPermissionSet(ctx, "example", &ssoadmin.PermissionSetArgs{
			Name:            pulumi.String("Example"),
			Description:     pulumi.String("An example"),
			InstanceArn:     pulumi.String(example.Arns[0]),
			RelayState:      pulumi.String("https://s3.console.aws.amazon.com/s3/home?region=us-east-1#"),
			SessionDuration: pulumi.String("PT2H"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ssoadmin.SsoadminFunctions;
import com.pulumi.aws.ssoadmin.PermissionSet;
import com.pulumi.aws.ssoadmin.PermissionSetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var example = SsoadminFunctions.getInstances(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);
        var examplePermissionSet = new PermissionSet("examplePermissionSet", PermissionSetArgs.builder()
            .name("Example")
            .description("An example")
            .instanceArn(example.arns()[0])
            .relayState("https://s3.console.aws.amazon.com/s3/home?region=us-east-1#")
            .sessionDuration("PT2H")
            .build());
    }
}
Content copied to clipboard
resources:
  examplePermissionSet:
    type: aws:ssoadmin:PermissionSet
    name: example
    properties:
      name: Example
      description: An example
      instanceArn: ${example.arns[0]}
      relayState: https://s3.console.aws.amazon.com/s3/home?region=us-east-1#
      sessionDuration: PT2H
variables:
  example:
    fn::invoke:
      function: aws:ssoadmin:getInstances
      arguments: {}
Content copied to clipboard

Import

Using pulumi import, import SSO Permission Sets using the arn and instance_arn separated by a comma (,). For example:

$ pulumi import aws:ssoadmin/permissionSet:PermissionSet example arn:aws:sso:::permissionSet/ssoins-2938j0x8920sbj72/ps-80383020jr9302rk,arn:aws:sso:::instance/ssoins-2938j0x8920sbj72
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(description: Output<String>? = null, instanceArn: Output<String>? = null, name: Output<String>? = null, relayState: Output<String>? = null, sessionDuration: Output<String>? = null, tags: Output<Map<String, String>>? = null)

Properties

Link copied to clipboard
val description: Output<String>? = null

The description of the Permission Set.

Link copied to clipboard
val instanceArn: Output<String>? = null

The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.

Link copied to clipboard
val name: Output<String>? = null

The name of the Permission Set.

Link copied to clipboard
val relayState: Output<String>? = null

The relay state URL used to redirect users within the application during the federation authentication process.

Link copied to clipboard
val sessionDuration: Output<String>? = null

The length of time that the application user sessions are valid in the ISO-8601 standard. Default: PT1H.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

Key-value map of resource tags. .If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Functions

Link copied to clipboard
open override fun toJava(): PermissionSetArgs