IAM Configuration items.

Hierarchy

  • IamConfigTypes

Constructors

Properties

activeDirectoryConfigurationInstanceConfig: TypeC<{
    adConnectorGroup: SizedType<string, Type<string, string, unknown>>;
    adGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    adPasswordPolicy: TypeC<{
        complexity: BooleanC;
        failedAttempts: NumberC;
        history: NumberC;
        lockoutAttemptsReset: NumberC;
        lockoutDuration: NumberC;
        maximumAge: NumberC;
        minimumAge: NumberC;
        minimumLength: NumberC;
        reversible: BooleanC;
    }>;
    adPerAccountGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    adUsers: ArrayC<TypeC<{
        email: SizedType<string, Type<string, string, unknown>>;
        groups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        name: SizedType<string, Type<string, string, unknown>>;
    }>>;
    enableTerminationProtection: OptionalType<BooleanC>;
    imagePath: SizedType<string, Type<string, string, unknown>>;
    instanceRole: SizedType<string, Type<string, string, unknown>>;
    instanceType: SizedType<string, Type<string, string, unknown>>;
    securityGroupInboundSources: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    subnetName: SizedType<string, Type<string, string, unknown>>;
    userDataScripts: ArrayC<TypeC<{
        scriptFilePath: SizedType<string, Type<string, string, unknown>>;
        scriptName: SizedType<string, Type<string, string, unknown>>;
    }>>;
    vpcName: SizedType<string, Type<string, string, unknown>>;
}> = ...

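Configuration of the instance used to configure a managed Active Directory: its placement (VPC, subnet), image, type and role, plus the AD groups, users, password policy and user data scripts it applies. `securityGroupInboundSources` appears to list the sources allowed inbound to this instance, so keep it as narrow as the deployment permits.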

activeDirectoryConfigurationInstanceUserDataConfig: TypeC<{
    scriptFilePath: SizedType<string, Type<string, string, unknown>>;
    scriptName: SizedType<string, Type<string, string, unknown>>;
}> = ...

User data script configuration (script name and script file path) for the managed Active Directory configuration instance

activeDirectoryPasswordPolicyConfig: TypeC<{
    complexity: BooleanC;
    failedAttempts: NumberC;
    history: NumberC;
    lockoutAttemptsReset: NumberC;
    lockoutDuration: NumberC;
    maximumAge: NumberC;
    minimumAge: NumberC;
    minimumLength: NumberC;
    reversible: BooleanC;
}> = ...

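Managed Active Directory user password policy. Review `reversible` with care: if it maps to Active Directory's reversible-encryption password storage, as the name suggests, it should stay disabled unless an application strictly requires it.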

activeDirectoryUserConfig: TypeC<{
    email: SizedType<string, Type<string, string, unknown>>;
    groups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    name: SizedType<string, Type<string, string, unknown>>;
}> = ...

Managed active directory user configuration

assumedByConfig: TypeC<{
    principal: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    type: EnumType<"service" | "account" | "provider">;
}> = ...

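AssumedBy configuration: the type of principal (service, account or provider) and, optionally, the principal itself, used in a role's `assumedBy` list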

assumedByTypeEnum: EnumType<"service" | "account" | "provider"> = ...

An enum for the AssumedBy configuration type

Possible values: service, account or provider

customerManagedPolicyReferenceConfig: TypeC<{
    name: SizedType<string, Type<string, string, unknown>>;
    path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
}> = ...

Customer Managed Policy Reference Config

groupConfig: TypeC<{
    name: SizedType<string, Type<string, string, unknown>>;
    policies: OptionalType<TypeC<{
        awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>>;
}> = ...

IAM group configuration

groupSetConfig: TypeC<{
    deploymentTargets: TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>;
    groups: ArrayC<TypeC<{
        name: SizedType<string, Type<string, string, unknown>>;
        policies: OptionalType<TypeC<{
            awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>>;
    }>>;
}> = ...

Group set configuration

iamConfig: TypeC<{
    groupSets: OptionalType<ArrayC<TypeC<{
        deploymentTargets: TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>;
        groups: ArrayC<TypeC<{
            name: SizedType<string, Type<string, string, unknown>>;
            policies: OptionalType<TypeC<{
                awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>>;
        }>>;
    }>>>;
    identityCenter: OptionalType<TypeC<{
        delegatedAdminAccount: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        identityCenterAssignments: OptionalType<ArrayC<TypeC<{
            deploymentTargets: TypeC<{
                accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>;
            name: SizedType<string, Type<string, string, unknown>>;
            permissionSetName: SizedType<string, Type<string, string, unknown>>;
            principalId: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            principalType: OptionalType<EnumType<"USER" | "GROUP">>;
            principals: OptionalType<ArrayC<TypeC<{
                name: SizedType<string, Type<string, string, unknown>>;
                type: SizedType<string, Type<string, string, unknown>>;
            }>>>;
        }>>>;
        identityCenterPermissionSets: OptionalType<ArrayC<TypeC<{
            name: SizedType<string, Type<string, string, unknown>>;
            policies: OptionalType<TypeC<{
                acceleratorManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                inlinePolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                permissionsBoundary: OptionalType<TypeC<{
                    awsManagedPolicyName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    customerManagedPolicy: OptionalType<TypeC<{
                        name: SizedType<string, Type<string, string, unknown>>;
                        path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                    }>>;
                }>>;
            }>>;
            sessionDuration: OptionalType<NumberC>;
        }>>>;
        name: SizedType<string, Type<string, string, unknown>>;
    }>>;
    managedActiveDirectories: OptionalType<ArrayC<TypeC<{
        account: SizedType<string, Type<string, string, unknown>>;
        activeDirectoryConfigurationInstance: OptionalType<TypeC<{
            adConnectorGroup: SizedType<string, Type<string, string, unknown>>;
            adGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            adPasswordPolicy: TypeC<{
                complexity: BooleanC;
                failedAttempts: NumberC;
                history: NumberC;
                lockoutAttemptsReset: NumberC;
                lockoutDuration: NumberC;
                maximumAge: NumberC;
                minimumAge: NumberC;
                minimumLength: NumberC;
                reversible: BooleanC;
            }>;
            adPerAccountGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            adUsers: ArrayC<TypeC<{
                email: SizedType<string, Type<string, string, unknown>>;
                groups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
                name: SizedType<string, Type<string, string, unknown>>;
            }>>;
            enableTerminationProtection: OptionalType<BooleanC>;
            imagePath: SizedType<string, Type<string, string, unknown>>;
            instanceRole: SizedType<string, Type<string, string, unknown>>;
            instanceType: SizedType<string, Type<string, string, unknown>>;
            securityGroupInboundSources: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            subnetName: SizedType<string, Type<string, string, unknown>>;
            userDataScripts: ArrayC<TypeC<{
                scriptFilePath: SizedType<string, Type<string, string, unknown>>;
                scriptName: SizedType<string, Type<string, string, unknown>>;
            }>>;
            vpcName: SizedType<string, Type<string, string, unknown>>;
        }>>;
        description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        dnsName: SizedType<string, Type<string, string, unknown>>;
        edition: EnumType<string>;
        logs: OptionalType<TypeC<{
            groupName: SizedType<string, Type<string, string, unknown>>;
            retentionInDays: OptionalType<NumberC>;
        }>>;
        name: SizedType<string, Type<string, string, unknown>>;
        netBiosDomainName: SizedType<string, Type<string, string, unknown>>;
        region: EnumType<string>;
        resolverRuleName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        secretConfig: OptionalType<TypeC<{
            account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            adminSecretName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            region: OptionalType<EnumType<string>>;
        }>>;
        sharedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        sharedOrganizationalUnits: OptionalType<TypeC<{
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        }>>;
        vpcSettings: TypeC<{
            subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            vpcName: SizedType<string, Type<string, string, unknown>>;
        }>;
    }>>>;
    policySets: OptionalType<ArrayC<TypeC<{
        deploymentTargets: TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>;
        identityCenterDependency: OptionalType<BooleanC>;
        policies: ArrayC<TypeC<{
            name: SizedType<string, Type<string, string, unknown>>;
            policy: SizedType<string, Type<string, string, unknown>>;
        }>>;
    }>>>;
    providers: OptionalType<ArrayC<TypeC<{
        metadataDocument: SizedType<string, Type<string, string, unknown>>;
        name: SizedType<string, Type<string, string, unknown>>;
    }>>>;
    roleSets: OptionalType<ArrayC<TypeC<{
        deploymentTargets: TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>;
        path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        roles: ArrayC<TypeC<{
            assumedBy: ArrayC<TypeC<{
                principal: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                type: EnumType<"service" | "account" | "provider">;
            }>>;
            boundaryPolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            instanceProfile: OptionalType<BooleanC>;
            name: SizedType<string, Type<string, string, unknown>>;
            policies: OptionalType<TypeC<{
                awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
                customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            }>>;
        }>>;
    }>>>;
    userSets: OptionalType<ArrayC<TypeC<{
        deploymentTargets: TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>;
        users: ArrayC<TypeC<{
            boundaryPolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            group: SizedType<string, Type<string, string, unknown>>;
            username: SizedType<string, Type<string, string, unknown>>;
        }>>;
    }>>>;
}> = ...

IAM configuration

identityCenterAssignmentConfig: TypeC<{
    deploymentTargets: TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>;
    name: SizedType<string, Type<string, string, unknown>>;
    permissionSetName: SizedType<string, Type<string, string, unknown>>;
    principalId: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    principalType: OptionalType<EnumType<"USER" | "GROUP">>;
    principals: OptionalType<ArrayC<TypeC<{
        name: SizedType<string, Type<string, string, unknown>>;
        type: SizedType<string, Type<string, string, unknown>>;
    }>>>;
}> = ...

Identity Center Assignment configuration

identityCenterAssignmentPrincipalConfig: TypeC<{
    name: SizedType<string, Type<string, string, unknown>>;
    type: SizedType<string, Type<string, string, unknown>>;
}> = ...
identityCenterConfig: TypeC<{
    delegatedAdminAccount: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    identityCenterAssignments: OptionalType<ArrayC<TypeC<{
        deploymentTargets: TypeC<{
            accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>;
        name: SizedType<string, Type<string, string, unknown>>;
        permissionSetName: SizedType<string, Type<string, string, unknown>>;
        principalId: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        principalType: OptionalType<EnumType<"USER" | "GROUP">>;
        principals: OptionalType<ArrayC<TypeC<{
            name: SizedType<string, Type<string, string, unknown>>;
            type: SizedType<string, Type<string, string, unknown>>;
        }>>>;
    }>>>;
    identityCenterPermissionSets: OptionalType<ArrayC<TypeC<{
        name: SizedType<string, Type<string, string, unknown>>;
        policies: OptionalType<TypeC<{
            acceleratorManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            inlinePolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            permissionsBoundary: OptionalType<TypeC<{
                awsManagedPolicyName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                customerManagedPolicy: OptionalType<TypeC<{
                    name: SizedType<string, Type<string, string, unknown>>;
                    path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
                }>>;
            }>>;
        }>>;
        sessionDuration: OptionalType<NumberC>;
    }>>>;
    name: SizedType<string, Type<string, string, unknown>>;
}> = ...

Identity Center configuration

identityCenterPermissionSetConfig: TypeC<{
    name: SizedType<string, Type<string, string, unknown>>;
    policies: OptionalType<TypeC<{
        acceleratorManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        inlinePolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        permissionsBoundary: OptionalType<TypeC<{
            awsManagedPolicyName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            customerManagedPolicy: OptionalType<TypeC<{
                name: SizedType<string, Type<string, string, unknown>>;
                path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            }>>;
        }>>;
    }>>;
    sessionDuration: OptionalType<NumberC>;
}> = ...

Identity Center Permission Set configuration

identityCenterPoliciesConfig: TypeC<{
    acceleratorManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    inlinePolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    permissionsBoundary: OptionalType<TypeC<{
        awsManagedPolicyName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        customerManagedPolicy: OptionalType<TypeC<{
            name: SizedType<string, Type<string, string, unknown>>;
            path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        }>>;
    }>>;
}> = ...

Identity Center IAM policies config

managedActiveDirectoryConfig: TypeC<{
    account: SizedType<string, Type<string, string, unknown>>;
    activeDirectoryConfigurationInstance: OptionalType<TypeC<{
        adConnectorGroup: SizedType<string, Type<string, string, unknown>>;
        adGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        adPasswordPolicy: TypeC<{
            complexity: BooleanC;
            failedAttempts: NumberC;
            history: NumberC;
            lockoutAttemptsReset: NumberC;
            lockoutDuration: NumberC;
            maximumAge: NumberC;
            minimumAge: NumberC;
            minimumLength: NumberC;
            reversible: BooleanC;
        }>;
        adPerAccountGroups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        adUsers: ArrayC<TypeC<{
            email: SizedType<string, Type<string, string, unknown>>;
            groups: ArrayC<SizedType<string, Type<string, string, unknown>>>;
            name: SizedType<string, Type<string, string, unknown>>;
        }>>;
        enableTerminationProtection: OptionalType<BooleanC>;
        imagePath: SizedType<string, Type<string, string, unknown>>;
        instanceRole: SizedType<string, Type<string, string, unknown>>;
        instanceType: SizedType<string, Type<string, string, unknown>>;
        securityGroupInboundSources: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        subnetName: SizedType<string, Type<string, string, unknown>>;
        userDataScripts: ArrayC<TypeC<{
            scriptFilePath: SizedType<string, Type<string, string, unknown>>;
            scriptName: SizedType<string, Type<string, string, unknown>>;
        }>>;
        vpcName: SizedType<string, Type<string, string, unknown>>;
    }>>;
    description: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    dnsName: SizedType<string, Type<string, string, unknown>>;
    edition: EnumType<string>;
    logs: OptionalType<TypeC<{
        groupName: SizedType<string, Type<string, string, unknown>>;
        retentionInDays: OptionalType<NumberC>;
    }>>;
    name: SizedType<string, Type<string, string, unknown>>;
    netBiosDomainName: SizedType<string, Type<string, string, unknown>>;
    region: EnumType<string>;
    resolverRuleName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    secretConfig: OptionalType<TypeC<{
        account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        adminSecretName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        region: OptionalType<EnumType<string>>;
    }>>;
    sharedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    sharedOrganizationalUnits: OptionalType<TypeC<{
        excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    }>>;
    vpcSettings: TypeC<{
        subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
        vpcName: SizedType<string, Type<string, string, unknown>>;
    }>;
}> = ...

Managed active directory config

managedActiveDirectoryLogConfig: TypeC<{
    groupName: SizedType<string, Type<string, string, unknown>>;
    retentionInDays: OptionalType<NumberC>;
}> = ...
managedActiveDirectorySecretConfig: TypeC<{
    account: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    adminSecretName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    region: OptionalType<EnumType<string>>;
}> = ...
managedActiveDirectorySharedOuConfig: TypeC<{
    excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    organizationalUnits: ArrayC<SizedType<string, Type<string, string, unknown>>>;
}> = ...
managedActiveDirectoryVpcSettingsConfig: TypeC<{
    subnets: ArrayC<SizedType<string, Type<string, string, unknown>>>;
    vpcName: SizedType<string, Type<string, string, unknown>>;
}> = ...

Managed Active Directory VPC settings config

permissionsBoundaryConfig: TypeC<{
    awsManagedPolicyName: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    customerManagedPolicy: OptionalType<TypeC<{
        name: SizedType<string, Type<string, string, unknown>>;
        path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    }>>;
}> = ...

Identity Center permissions boundary config: either an AWS managed policy name or a customer managed policy reference

policiesConfig: TypeC<{
    awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
}> = ...

IAM policies config

policyConfig: TypeC<{
    name: SizedType<string, Type<string, string, unknown>>;
    policy: SizedType<string, Type<string, string, unknown>>;
}> = ...

IAM policy configuration

policySetConfig: TypeC<{
    deploymentTargets: TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>;
    identityCenterDependency: OptionalType<BooleanC>;
    policies: ArrayC<TypeC<{
        name: SizedType<string, Type<string, string, unknown>>;
        policy: SizedType<string, Type<string, string, unknown>>;
    }>>;
}> = ...

IAM policy set configuration

principalTypeEnum: EnumType<"USER" | "GROUP"> = ...

An enum for the Identity Center assignment principal type

Possible values: USER or GROUP

roleConfig: TypeC<{
    assumedBy: ArrayC<TypeC<{
        principal: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        type: EnumType<"service" | "account" | "provider">;
    }>>;
    boundaryPolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    instanceProfile: OptionalType<BooleanC>;
    name: SizedType<string, Type<string, string, unknown>>;
    policies: OptionalType<TypeC<{
        awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>>;
}> = ...

IAM role configuration

roleSetConfig: TypeC<{
    deploymentTargets: TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>;
    path: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    roles: ArrayC<TypeC<{
        assumedBy: ArrayC<TypeC<{
            principal: OptionalType<SizedType<string, Type<string, string, unknown>>>;
            type: EnumType<"service" | "account" | "provider">;
        }>>;
        boundaryPolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        instanceProfile: OptionalType<BooleanC>;
        name: SizedType<string, Type<string, string, unknown>>;
        policies: OptionalType<TypeC<{
            awsManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
            customerManaged: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        }>>;
    }>>;
}> = ...

IAM role set configuration

samlProviderConfig: TypeC<{
    metadataDocument: SizedType<string, Type<string, string, unknown>>;
    name: SizedType<string, Type<string, string, unknown>>;
}> = ...

SAML provider configuration

userConfig: TypeC<{
    boundaryPolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
    group: SizedType<string, Type<string, string, unknown>>;
    username: SizedType<string, Type<string, string, unknown>>;
}> = ...

IAM user configuration

userSetConfig: TypeC<{
    deploymentTargets: TypeC<{
        accounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedAccounts: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        excludedRegions: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
        organizationalUnits: OptionalType<ArrayC<SizedType<string, Type<string, string, unknown>>>>;
    }>;
    users: ArrayC<TypeC<{
        boundaryPolicy: OptionalType<SizedType<string, Type<string, string, unknown>>>;
        group: SizedType<string, Type<string, string, unknown>>;
        username: SizedType<string, Type<string, string, unknown>>;
    }>>;
}> = ...

User set configuration
