Package software.amazon.awscdk.services.sso

Interface CfnPermissionSetProps

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnPermissionSetProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.116.0 (build 0eddcff)",
           date="2025-10-24T13:34:47.749Z")
@Stability(Stable)
public interface CfnPermissionSetProps
extends software.amazon.jsii.JsiiSerializable

Properties for defining a CfnPermissionSet.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.sso.*;
 Object inlinePolicy;
 CfnPermissionSetProps cfnPermissionSetProps = CfnPermissionSetProps.builder()
         .instanceArn("instanceArn")
         .name("name")
         // the properties below are optional
         .customerManagedPolicyReferences(List.of(CustomerManagedPolicyReferenceProperty.builder()
                 .name("name")
                 // the properties below are optional
                 .path("path")
                 .build()))
         .description("description")
         .inlinePolicy(inlinePolicy)
         .managedPolicies(List.of("managedPolicies"))
         .permissionsBoundary(PermissionsBoundaryProperty.builder()
                 .customerManagedPolicyReference(CustomerManagedPolicyReferenceProperty.builder()
                         .name("name")
                         // the properties below are optional
                         .path("path")
                         .build())
                 .managedPolicyArn("managedPolicyArn")
                 .build())
         .relayStateType("relayStateType")
         .sessionDuration("sessionDuration")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnPermissionSetProps.Builder	A builder for CfnPermissionSetProps
static final class	CfnPermissionSetProps.Jsii$Proxy	An implementation for CfnPermissionSetProps

Method Summary

Modifier and Type	Method	Description
static CfnPermissionSetProps.Builder	builder()
default Object	getCustomerManagedPolicyReferences()	Specifies the names and paths of the customer managed policies that you have attached to your permission set.
default String	getDescription()	The description of the PermissionSet .
default Object	getInlinePolicy()	The inline policy that is attached to the permission set.
String	getInstanceArn()	The ARN of the IAM Identity Center instance under which the operation will be executed.
default List<String>	getManagedPolicies()	A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.
String	getName()	The name of the permission set.
default Object	getPermissionsBoundary()	Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.
default String	getRelayStateType()	Used to redirect users within the application during the federation authentication process.
default String	getSessionDuration()	The length of time that the application user sessions are valid for in the ISO-8601 standard.
default List<CfnTag>	getTags()	The tags to attach to the new PermissionSet .

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getInstanceArn

@Stability(Stable)
@NotNull
String getInstanceArn()

The ARN of the IAM Identity Center instance under which the operation will be executed.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-instancearn

getName

@Stability(Stable)
@NotNull
String getName()

The name of the permission set.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-name

getCustomerManagedPolicyReferences

@Stability(Stable)
@Nullable
default Object getCustomerManagedPolicyReferences()

Specifies the names and paths of the customer managed policies that you have attached to your permission set.

Returns union: either IResolvable or Listinvalid input: '<'either IResolvable or CfnPermissionSet.CustomerManagedPolicyReferenceProperty>

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-customermanagedpolicyreferences

getDescription

@Stability(Stable)
@Nullable
default String getDescription()

The description of the PermissionSet .

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-description

getInlinePolicy

@Stability(Stable)
@Nullable
default Object getInlinePolicy()

The inline policy that is attached to the permission set.

For Length Constraints , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-inlinepolicy

getManagedPolicies

@Stability(Stable)
@Nullable
default List<String> getManagedPolicies()

A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-managedpolicies

getPermissionsBoundary

@Stability(Stable)
@Nullable
default Object getPermissionsBoundary()

Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.

Specify either CustomerManagedPolicyReference to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .

Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .

Returns union: either IResolvable or CfnPermissionSet.PermissionsBoundaryProperty

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-permissionsboundary

getRelayStateType

@Stability(Stable)
@Nullable
default String getRelayStateType()

Used to redirect users within the application during the federation authentication process.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-relaystatetype

getSessionDuration

@Stability(Stable)
@Nullable
default String getSessionDuration()

The length of time that the application user sessions are valid for in the ISO-8601 standard.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-sessionduration

getTags

@Stability(Stable)
@Nullable
default List<CfnTag> getTags()

The tags to attach to the new PermissionSet .

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-tags

builder

@Stability(Stable)
static CfnPermissionSetProps.Builder builder()

Returns:

a CfnPermissionSetProps.Builder of CfnPermissionSetProps