com.amazonaws.services.ssoadmin

Interface AWSSSOAdmin

All Known Subinterfaces:

AWSSSOAdminAsync

All Known Implementing Classes:

AbstractAWSSSOAdmin, AbstractAWSSSOAdminAsync, AWSSSOAdminAsyncClient, AWSSSOAdminClient

@Generated(value="com.amazonaws:aws-java-sdk-code-generator")
public interface AWSSSOAdmin

Interface for accessing SSO Admin.

Note: Do not directly implement this interface, new methods are added to it regularly. Extend from AbstractAWSSSOAdmin instead.

Field Summary

Fields

Modifier and Type	Field and Description
static String	ENDPOINT_PREFIX The region metadata service name for computing region endpoints.

Method Summary

Modifier and Type	Method and Description
AttachManagedPolicyToPermissionSetResult	attachManagedPolicyToPermissionSet(AttachManagedPolicyToPermissionSetRequest attachManagedPolicyToPermissionSetRequest) Attaches an IAM managed policy ARN to a permission set.
CreateAccountAssignmentResult	createAccountAssignment(CreateAccountAssignmentRequest createAccountAssignmentRequest) Assigns access to a principal for a specified AWS account using a specified permission set.
CreateInstanceAccessControlAttributeConfigurationResult	createInstanceAccessControlAttributeConfiguration(CreateInstanceAccessControlAttributeConfigurationRequest createInstanceAccessControlAttributeConfigurationRequest) Enables the attributes-based access control (ABAC) feature for the specified AWS SSO instance.
CreatePermissionSetResult	createPermissionSet(CreatePermissionSetRequest createPermissionSetRequest) Creates a permission set within a specified SSO instance.
DeleteAccountAssignmentResult	deleteAccountAssignment(DeleteAccountAssignmentRequest deleteAccountAssignmentRequest) Deletes a principal's access from a specified AWS account using a specified permission set.
DeleteInlinePolicyFromPermissionSetResult	deleteInlinePolicyFromPermissionSet(DeleteInlinePolicyFromPermissionSetRequest deleteInlinePolicyFromPermissionSetRequest) Deletes the inline policy from a specified permission set.
DeleteInstanceAccessControlAttributeConfigurationResult	deleteInstanceAccessControlAttributeConfiguration(DeleteInstanceAccessControlAttributeConfigurationRequest deleteInstanceAccessControlAttributeConfigurationRequest) Disables the attributes-based access control (ABAC) feature for the specified AWS SSO instance and deletes all of the attribute mappings that have been configured.
DeletePermissionSetResult	deletePermissionSet(DeletePermissionSetRequest deletePermissionSetRequest) Deletes the specified permission set.
DescribeAccountAssignmentCreationStatusResult	describeAccountAssignmentCreationStatus(DescribeAccountAssignmentCreationStatusRequest describeAccountAssignmentCreationStatusRequest) Describes the status of the assignment creation request.
DescribeAccountAssignmentDeletionStatusResult	describeAccountAssignmentDeletionStatus(DescribeAccountAssignmentDeletionStatusRequest describeAccountAssignmentDeletionStatusRequest) Describes the status of the assignment deletion request.
DescribeInstanceAccessControlAttributeConfigurationResult	describeInstanceAccessControlAttributeConfiguration(DescribeInstanceAccessControlAttributeConfigurationRequest describeInstanceAccessControlAttributeConfigurationRequest) Returns the list of AWS SSO identity store attributes that have been configured to work with attributes-based access control (ABAC) for the specified AWS SSO instance.
DescribePermissionSetResult	describePermissionSet(DescribePermissionSetRequest describePermissionSetRequest) Gets the details of the permission set.
DescribePermissionSetProvisioningStatusResult	describePermissionSetProvisioningStatus(DescribePermissionSetProvisioningStatusRequest describePermissionSetProvisioningStatusRequest) Describes the status for the given permission set provisioning request.
DetachManagedPolicyFromPermissionSetResult	detachManagedPolicyFromPermissionSet(DetachManagedPolicyFromPermissionSetRequest detachManagedPolicyFromPermissionSetRequest) Detaches the attached IAM managed policy ARN from the specified permission set.
ResponseMetadata	getCachedResponseMetadata(AmazonWebServiceRequest request) Returns additional metadata for a previously executed successful request, typically used for debugging issues where a service isn't acting as expected.
GetInlinePolicyForPermissionSetResult	getInlinePolicyForPermissionSet(GetInlinePolicyForPermissionSetRequest getInlinePolicyForPermissionSetRequest) Obtains the inline policy assigned to the permission set.
ListAccountAssignmentCreationStatusResult	listAccountAssignmentCreationStatus(ListAccountAssignmentCreationStatusRequest listAccountAssignmentCreationStatusRequest) Lists the status of the AWS account assignment creation requests for a specified SSO instance.
ListAccountAssignmentDeletionStatusResult	listAccountAssignmentDeletionStatus(ListAccountAssignmentDeletionStatusRequest listAccountAssignmentDeletionStatusRequest) Lists the status of the AWS account assignment deletion requests for a specified SSO instance.
ListAccountAssignmentsResult	listAccountAssignments(ListAccountAssignmentsRequest listAccountAssignmentsRequest) Lists the assignee of the specified AWS account with the specified permission set.
ListAccountsForProvisionedPermissionSetResult	listAccountsForProvisionedPermissionSet(ListAccountsForProvisionedPermissionSetRequest listAccountsForProvisionedPermissionSetRequest) Lists all the AWS accounts where the specified permission set is provisioned.
ListInstancesResult	listInstances(ListInstancesRequest listInstancesRequest) Lists the SSO instances that the caller has access to.
ListManagedPoliciesInPermissionSetResult	listManagedPoliciesInPermissionSet(ListManagedPoliciesInPermissionSetRequest listManagedPoliciesInPermissionSetRequest) Lists the IAM managed policy that is attached to a specified permission set.
ListPermissionSetProvisioningStatusResult	listPermissionSetProvisioningStatus(ListPermissionSetProvisioningStatusRequest listPermissionSetProvisioningStatusRequest) Lists the status of the permission set provisioning requests for a specified SSO instance.
ListPermissionSetsResult	listPermissionSets(ListPermissionSetsRequest listPermissionSetsRequest) Lists the PermissionSets in an SSO instance.
ListPermissionSetsProvisionedToAccountResult	listPermissionSetsProvisionedToAccount(ListPermissionSetsProvisionedToAccountRequest listPermissionSetsProvisionedToAccountRequest) Lists all the permission sets that are provisioned to a specified AWS account.
ListTagsForResourceResult	listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest) Lists the tags that are attached to a specified resource.
ProvisionPermissionSetResult	provisionPermissionSet(ProvisionPermissionSetRequest provisionPermissionSetRequest) The process by which a specified permission set is provisioned to the specified target.
PutInlinePolicyToPermissionSetResult	putInlinePolicyToPermissionSet(PutInlinePolicyToPermissionSetRequest putInlinePolicyToPermissionSetRequest) Attaches an IAM inline policy to a permission set.
void	shutdown() Shuts down this client object, releasing any resources that might be held open.
TagResourceResult	tagResource(TagResourceRequest tagResourceRequest) Associates a set of tags with a specified resource.
UntagResourceResult	untagResource(UntagResourceRequest untagResourceRequest) Disassociates a set of tags from a specified resource.
UpdateInstanceAccessControlAttributeConfigurationResult	updateInstanceAccessControlAttributeConfiguration(UpdateInstanceAccessControlAttributeConfigurationRequest updateInstanceAccessControlAttributeConfigurationRequest) Updates the AWS SSO identity store attributes to use with the AWS SSO instance for attributes-based access control (ABAC).
UpdatePermissionSetResult	updatePermissionSet(UpdatePermissionSetRequest updatePermissionSetRequest) Updates an existing permission set.

Field Detail

ENDPOINT_PREFIX

static final String ENDPOINT_PREFIX

The region metadata service name for computing region endpoints. You can use this value to retrieve metadata (such as supported regions) of the service.

See Also:

RegionUtils.getRegionsForService(String), Constant Field Values

Method Detail

attachManagedPolicyToPermissionSet

AttachManagedPolicyToPermissionSetResult attachManagedPolicyToPermissionSet(AttachManagedPolicyToPermissionSetRequest attachManagedPolicyToPermissionSetRequest)

Attaches an IAM managed policy ARN to a permission set.

If the permission set is already referenced by one or more account assignments, you will need to call ProvisionPermissionSet after this action to apply the corresponding IAM policy updates to all assigned accounts.

Parameters:

attachManagedPolicyToPermissionSetRequest -

Returns:

Result of the AttachManagedPolicyToPermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ServiceQuotaExceededException - Indicates that the principal has crossed the permitted number of resources that can be created.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

createAccountAssignment

CreateAccountAssignmentResult createAccountAssignment(CreateAccountAssignmentRequest createAccountAssignmentRequest)

Assigns access to a principal for a specified AWS account using a specified permission set.

The term principal here refers to a user or group that is defined in AWS SSO.

As part of a successful CreateAccountAssignment call, the specified permission set will automatically be provisioned to the account in the form of an IAM policy attached to the SSO-created IAM role. If the permission set is subsequently updated, the corresponding IAM policies attached to roles in your accounts will not be updated automatically. In this case, you will need to call ProvisionPermissionSet to make these updates.

Parameters:

createAccountAssignmentRequest -

Returns:

Result of the CreateAccountAssignment operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ServiceQuotaExceededException - Indicates that the principal has crossed the permitted number of resources that can be created.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

createInstanceAccessControlAttributeConfiguration

CreateInstanceAccessControlAttributeConfigurationResult createInstanceAccessControlAttributeConfiguration(CreateInstanceAccessControlAttributeConfigurationRequest createInstanceAccessControlAttributeConfigurationRequest)

Enables the attributes-based access control (ABAC) feature for the specified AWS SSO instance. You can also specify new attributes to add to your ABAC configuration during the enabling process. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.

Parameters:

createInstanceAccessControlAttributeConfigurationRequest -

Returns:

Result of the CreateInstanceAccessControlAttributeConfiguration operation returned by the service.

Throws:

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

AccessDeniedException - You do not have sufficient access to perform this action.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

ResourceNotFoundException - Indicates that a requested resource is not found.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

createPermissionSet

CreatePermissionSetResult createPermissionSet(CreatePermissionSetRequest createPermissionSetRequest)

Creates a permission set within a specified SSO instance.

To grant users and groups access to AWS account resources, use CreateAccountAssignment .

Parameters:

createPermissionSetRequest -

Returns:

Result of the CreatePermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ServiceQuotaExceededException - Indicates that the principal has crossed the permitted number of resources that can be created.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

deleteAccountAssignment

DeleteAccountAssignmentResult deleteAccountAssignment(DeleteAccountAssignmentRequest deleteAccountAssignmentRequest)

Deletes a principal's access from a specified AWS account using a specified permission set.

Parameters:

deleteAccountAssignmentRequest -

Returns:

Result of the DeleteAccountAssignment operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

deleteInlinePolicyFromPermissionSet

DeleteInlinePolicyFromPermissionSetResult deleteInlinePolicyFromPermissionSet(DeleteInlinePolicyFromPermissionSetRequest deleteInlinePolicyFromPermissionSetRequest)

Deletes the inline policy from a specified permission set.

Parameters:

deleteInlinePolicyFromPermissionSetRequest -

Returns:

Result of the DeleteInlinePolicyFromPermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

deleteInstanceAccessControlAttributeConfiguration

DeleteInstanceAccessControlAttributeConfigurationResult deleteInstanceAccessControlAttributeConfiguration(DeleteInstanceAccessControlAttributeConfigurationRequest deleteInstanceAccessControlAttributeConfigurationRequest)

Disables the attributes-based access control (ABAC) feature for the specified AWS SSO instance and deletes all of the attribute mappings that have been configured. Once deleted, any attributes that are received from an identity source and any custom attributes you have previously configured will not be passed. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.

Parameters:

deleteInstanceAccessControlAttributeConfigurationRequest -

Returns:

Result of the DeleteInstanceAccessControlAttributeConfiguration operation returned by the service.

Throws:

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

AccessDeniedException - You do not have sufficient access to perform this action.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

ResourceNotFoundException - Indicates that a requested resource is not found.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

deletePermissionSet

DeletePermissionSetResult deletePermissionSet(DeletePermissionSetRequest deletePermissionSetRequest)

Deletes the specified permission set.

Parameters:

deletePermissionSetRequest -

Returns:

Result of the DeletePermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

describeAccountAssignmentCreationStatus

DescribeAccountAssignmentCreationStatusResult describeAccountAssignmentCreationStatus(DescribeAccountAssignmentCreationStatusRequest describeAccountAssignmentCreationStatusRequest)

Describes the status of the assignment creation request.

Parameters:

describeAccountAssignmentCreationStatusRequest -

Returns:

Result of the DescribeAccountAssignmentCreationStatus operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

describeAccountAssignmentDeletionStatus

DescribeAccountAssignmentDeletionStatusResult describeAccountAssignmentDeletionStatus(DescribeAccountAssignmentDeletionStatusRequest describeAccountAssignmentDeletionStatusRequest)

Describes the status of the assignment deletion request.

Parameters:

describeAccountAssignmentDeletionStatusRequest -

Returns:

Result of the DescribeAccountAssignmentDeletionStatus operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

describeInstanceAccessControlAttributeConfiguration

DescribeInstanceAccessControlAttributeConfigurationResult describeInstanceAccessControlAttributeConfiguration(DescribeInstanceAccessControlAttributeConfigurationRequest describeInstanceAccessControlAttributeConfigurationRequest)

Returns the list of AWS SSO identity store attributes that have been configured to work with attributes-based access control (ABAC) for the specified AWS SSO instance. This will not return attributes configured and sent by an external identity provider. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.

Parameters:

describeInstanceAccessControlAttributeConfigurationRequest -

Returns:

Result of the DescribeInstanceAccessControlAttributeConfiguration operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

AccessDeniedException - You do not have sufficient access to perform this action.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

See Also:

AWS API Documentation

describePermissionSet

DescribePermissionSetResult describePermissionSet(DescribePermissionSetRequest describePermissionSetRequest)

Gets the details of the permission set.

Parameters:

describePermissionSetRequest -

Returns:

Result of the DescribePermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

describePermissionSetProvisioningStatus

DescribePermissionSetProvisioningStatusResult describePermissionSetProvisioningStatus(DescribePermissionSetProvisioningStatusRequest describePermissionSetProvisioningStatusRequest)

Describes the status for the given permission set provisioning request.

Parameters:

describePermissionSetProvisioningStatusRequest -

Returns:

Result of the DescribePermissionSetProvisioningStatus operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

detachManagedPolicyFromPermissionSet

DetachManagedPolicyFromPermissionSetResult detachManagedPolicyFromPermissionSet(DetachManagedPolicyFromPermissionSetRequest detachManagedPolicyFromPermissionSetRequest)

Detaches the attached IAM managed policy ARN from the specified permission set.

Parameters:

detachManagedPolicyFromPermissionSetRequest -

Returns:

Result of the DetachManagedPolicyFromPermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

getInlinePolicyForPermissionSet

GetInlinePolicyForPermissionSetResult getInlinePolicyForPermissionSet(GetInlinePolicyForPermissionSetRequest getInlinePolicyForPermissionSetRequest)

Obtains the inline policy assigned to the permission set.

Parameters:

getInlinePolicyForPermissionSetRequest -

Returns:

Result of the GetInlinePolicyForPermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listAccountAssignmentCreationStatus

ListAccountAssignmentCreationStatusResult listAccountAssignmentCreationStatus(ListAccountAssignmentCreationStatusRequest listAccountAssignmentCreationStatusRequest)

Lists the status of the AWS account assignment creation requests for a specified SSO instance.

Parameters:

listAccountAssignmentCreationStatusRequest -

Returns:

Result of the ListAccountAssignmentCreationStatus operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listAccountAssignmentDeletionStatus

ListAccountAssignmentDeletionStatusResult listAccountAssignmentDeletionStatus(ListAccountAssignmentDeletionStatusRequest listAccountAssignmentDeletionStatusRequest)

Lists the status of the AWS account assignment deletion requests for a specified SSO instance.

Parameters:

listAccountAssignmentDeletionStatusRequest -

Returns:

Result of the ListAccountAssignmentDeletionStatus operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listAccountAssignments

ListAccountAssignmentsResult listAccountAssignments(ListAccountAssignmentsRequest listAccountAssignmentsRequest)

Lists the assignee of the specified AWS account with the specified permission set.

Parameters:

listAccountAssignmentsRequest -

Returns:

Result of the ListAccountAssignments operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listAccountsForProvisionedPermissionSet

ListAccountsForProvisionedPermissionSetResult listAccountsForProvisionedPermissionSet(ListAccountsForProvisionedPermissionSetRequest listAccountsForProvisionedPermissionSetRequest)

Lists all the AWS accounts where the specified permission set is provisioned.

Parameters:

listAccountsForProvisionedPermissionSetRequest -

Returns:

Result of the ListAccountsForProvisionedPermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listInstances

ListInstancesResult listInstances(ListInstancesRequest listInstancesRequest)

Lists the SSO instances that the caller has access to.

Parameters:

listInstancesRequest -

Returns:

Result of the ListInstances operation returned by the service.

Throws:

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

AccessDeniedException - You do not have sufficient access to perform this action.

ValidationException - The request failed because it contains a syntax error.

See Also:

AWS API Documentation

listManagedPoliciesInPermissionSet

ListManagedPoliciesInPermissionSetResult listManagedPoliciesInPermissionSet(ListManagedPoliciesInPermissionSetRequest listManagedPoliciesInPermissionSetRequest)

Lists the IAM managed policy that is attached to a specified permission set.

Parameters:

listManagedPoliciesInPermissionSetRequest -

Returns:

Result of the ListManagedPoliciesInPermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listPermissionSetProvisioningStatus

ListPermissionSetProvisioningStatusResult listPermissionSetProvisioningStatus(ListPermissionSetProvisioningStatusRequest listPermissionSetProvisioningStatusRequest)

Lists the status of the permission set provisioning requests for a specified SSO instance.

Parameters:

listPermissionSetProvisioningStatusRequest -

Returns:

Result of the ListPermissionSetProvisioningStatus operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listPermissionSets

ListPermissionSetsResult listPermissionSets(ListPermissionSetsRequest listPermissionSetsRequest)

Lists the PermissionSets in an SSO instance.

Parameters:

listPermissionSetsRequest -

Returns:

Result of the ListPermissionSets operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listPermissionSetsProvisionedToAccount

ListPermissionSetsProvisionedToAccountResult listPermissionSetsProvisionedToAccount(ListPermissionSetsProvisionedToAccountRequest listPermissionSetsProvisionedToAccountRequest)

Lists all the permission sets that are provisioned to a specified AWS account.

Parameters:

listPermissionSetsProvisionedToAccountRequest -

Returns:

Result of the ListPermissionSetsProvisionedToAccount operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listTagsForResource

ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest)

Lists the tags that are attached to a specified resource.

Parameters:

listTagsForResourceRequest -

Returns:

Result of the ListTagsForResource operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

provisionPermissionSet

ProvisionPermissionSetResult provisionPermissionSet(ProvisionPermissionSetRequest provisionPermissionSetRequest)

The process by which a specified permission set is provisioned to the specified target.

Parameters:

provisionPermissionSetRequest -

Returns:

Result of the ProvisionPermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

putInlinePolicyToPermissionSet

PutInlinePolicyToPermissionSetResult putInlinePolicyToPermissionSet(PutInlinePolicyToPermissionSetRequest putInlinePolicyToPermissionSetRequest)

Attaches an IAM inline policy to a permission set.

If the permission set is already referenced by one or more account assignments, you will need to call ProvisionPermissionSet after this action to apply the corresponding IAM policy updates to all assigned accounts.

Parameters:

putInlinePolicyToPermissionSetRequest -

Returns:

Result of the PutInlinePolicyToPermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ServiceQuotaExceededException - Indicates that the principal has crossed the permitted number of resources that can be created.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

tagResource

TagResourceResult tagResource(TagResourceRequest tagResourceRequest)

Associates a set of tags with a specified resource.

Parameters:

tagResourceRequest -

Returns:

Result of the TagResource operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ServiceQuotaExceededException - Indicates that the principal has crossed the permitted number of resources that can be created.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

untagResource

UntagResourceResult untagResource(UntagResourceRequest untagResourceRequest)

Disassociates a set of tags from a specified resource.

Parameters:

untagResourceRequest -

Returns:

Result of the UntagResource operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

updateInstanceAccessControlAttributeConfiguration

UpdateInstanceAccessControlAttributeConfigurationResult updateInstanceAccessControlAttributeConfiguration(UpdateInstanceAccessControlAttributeConfigurationRequest updateInstanceAccessControlAttributeConfigurationRequest)

Updates the AWS SSO identity store attributes to use with the AWS SSO instance for attributes-based access control (ABAC). When using an external identity provider as an identity source, you can pass attributes through the SAML assertion as an alternative to configuring attributes from the AWS SSO identity store. If a SAML assertion passes any of these attributes, AWS SSO will replace the attribute value with the value from the AWS SSO identity store. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.

Parameters:

updateInstanceAccessControlAttributeConfigurationRequest -

Returns:

Result of the UpdateInstanceAccessControlAttributeConfiguration operation returned by the service.

Throws:

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

AccessDeniedException - You do not have sufficient access to perform this action.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

ResourceNotFoundException - Indicates that a requested resource is not found.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

updatePermissionSet

UpdatePermissionSetResult updatePermissionSet(UpdatePermissionSetRequest updatePermissionSetRequest)

Updates an existing permission set.

Parameters:

updatePermissionSetRequest -

Returns:

Result of the UpdatePermissionSet operation returned by the service.

Throws:

ResourceNotFoundException - Indicates that a requested resource is not found.

InternalServerException - The request processing has failed because of an unknown error, exception, or failure with an internal server.

ThrottlingException - Indicates that the principal has crossed the throttling limits of the API operations.

ValidationException - The request failed because it contains a syntax error.

AccessDeniedException - You do not have sufficient access to perform this action.

ConflictException - Occurs when a conflict with a previous successful write is detected. This generally occurs when the previous write did not have time to propagate to the host serving the current request. A retry (with appropriate backoff logic) is the recommended response to this exception.

See Also:

AWS API Documentation

shutdown

void shutdown()

Shuts down this client object, releasing any resources that might be held open. This is an optional method, and callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client has been shutdown, it should not be used to make any more requests.

getCachedResponseMetadata

ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request)

Returns additional metadata for a previously executed successful request, typically used for debugging issues where a service isn't acting as expected. This data isn't considered part of the result data returned by an operation, so it's available through this separate, diagnostic interface.

Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic information for an executed request, you should use this method to retrieve it as soon as possible after executing a request.

Parameters:

request - The originally executed request.

Returns:

The response metadata for the specified request, or null if none is available.