CfnInstanceAccessControlAttributeConfigurationPropsMixin

class aws_cdk.mixins_preview.aws_sso.mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin(props, *, strategy=None)

Bases: Mixin

Enables the attribute-based access control (ABAC) feature for the specified IAM Identity Center instance.

You can also specify new attributes to add to your ABAC configuration during the enabling process. For more information about ABAC, see Attribute-Based Access Control in the IAM Identity Center User Guide . .. epigraph:

The ``InstanceAccessControlAttributeConfiguration`` property has been deprecated but is still supported for backwards compatibility purposes. We recommend that you use the ``AccessControlAttributes`` property instead.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-instanceaccesscontrolattributeconfiguration.html

CloudformationResource:

AWS::SSO::InstanceAccessControlAttributeConfiguration

Mixin:

true

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_sso import mixins as sso_mixins

cfn_instance_access_control_attribute_configuration_props_mixin = sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin(sso_mixins.CfnInstanceAccessControlAttributeConfigurationMixinProps(
    access_control_attributes=[sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeProperty(
        key="key",
        value=sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeValueProperty(
            source=["source"]
        )
    )],
    instance_access_control_attribute_configuration=sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.InstanceAccessControlAttributeConfigurationProperty(
        access_control_attributes=[sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeProperty(
            key="key",
            value=sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeValueProperty(
                source=["source"]
            )
        )]
    ),
    instance_arn="instanceArn"
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::SSO::InstanceAccessControlAttributeConfiguration.

Parameters:

• props (Union[CfnInstanceAccessControlAttributeConfigurationMixinProps, Dict[str, Any]]) – L1 properties to apply.

• strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:

construct (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

CFN_PROPERTY_KEYS = ['accessControlAttributes', 'instanceAccessControlAttributeConfiguration', 'instanceArn']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental

AccessControlAttributeProperty

class CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeProperty(*, key=None, value=None)

Bases: object

These are IAM Identity Center identity store attributes that you can configure for use in attributes-based access control (ABAC).

You can create permissions policies that determine who can access your AWS resources based upon the configured attribute values. When you enable ABAC and specify AccessControlAttributes , IAM Identity Center passes the attribute values of the authenticated user into IAM for use in policy evaluation.

Parameters:

• key (Optional[str]) – The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .

• value (Union[IResolvable, AccessControlAttributeValueProperty, Dict[str, Any], None]) – The value used for mapping a specified attribute to an identity source.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_sso import mixins as sso_mixins

access_control_attribute_property = sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeProperty(
    key="key",
    value=sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeValueProperty(
        source=["source"]
    )
)

Attributes

key

The name of the attribute associated with your identities in your identity source.

This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute-key

value

The value used for mapping a specified attribute to an identity source.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattribute-value

AccessControlAttributeValueProperty

class CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeValueProperty(*, source=None)

Bases: object

The value used for mapping a specified attribute to an identity source.

Parameters:

source (Optional[Sequence[str]]) – The identity source to use when mapping a specified attribute to IAM Identity Center .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevalue.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_sso import mixins as sso_mixins

access_control_attribute_value_property = sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeValueProperty(
    source=["source"]
)

Attributes

source

The identity source to use when mapping a specified attribute to IAM Identity Center .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevalue.html#cfn-sso-instanceaccesscontrolattributeconfiguration-accesscontrolattributevalue-source

InstanceAccessControlAttributeConfigurationProperty

class CfnInstanceAccessControlAttributeConfigurationPropsMixin.InstanceAccessControlAttributeConfigurationProperty(*, access_control_attributes=None)

Bases: object

The InstanceAccessControlAttributeConfiguration property has been deprecated but is still supported for backwards compatibility purposes.

We recomend that you use AccessControlAttributes property instead.

Parameters:

access_control_attributes (Union[IResolvable, Sequence[Union[IResolvable, AccessControlAttributeProperty, Dict[str, Any]]], None])

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-instanceaccesscontrolattributeconfiguration.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_sso import mixins as sso_mixins

instance_access_control_attribute_configuration_property = sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.InstanceAccessControlAttributeConfigurationProperty(
    access_control_attributes=[sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeProperty(
        key="key",
        value=sso_mixins.CfnInstanceAccessControlAttributeConfigurationPropsMixin.AccessControlAttributeValueProperty(
            source=["source"]
        )
    )]
)

Attributes

access_control_attributes

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sso-instanceaccesscontrolattributeconfiguration-instanceaccesscontrolattributeconfiguration.html#cfn-sso-instanceaccesscontrolattributeconfiguration-instanceaccesscontrolattributeconfiguration-accesscontrolattributes

Type:

see