IamConfig / IdentityCenterConfig

Identity Center Configuration

Example

identityCenter:
  name: identityCenter1
  delegatedAdminAccount: Audit
  identityCenterPermissionSets:
    - name: PermissionSet1
      policies:
        awsManaged:
          - arn:aws:iam::aws:policy/AdministratorAccess
          - PowerUserAccess
        customerManaged:
          - ResourceConfigurationCollectorPolicy
        acceleratorManaged:
          - AcceleratorManagedPolicy01
          - AcceleratorManagedPolicy02
        inlinePolicy: iam-policies/sso-permissionSet1-inline-policy.json
        permissionsBoundary:
          customerManagedPolicy:
            name: AcceleratorManagedPolicy
            path: /
          awsManagedPolicyName: PowerUserAccess
      sessionDuration: 60
  identityCenterAssignments:
    - name: Assignment1
      permissionSetName: PermissionSet1
      principals:
        - type: USER
          name: accelerator
        - type: GROUP
          name: admin
      deploymentTargets:
        accounts:
          - LogArchive

Hierarchy

  • IdentityCenterConfig

Properties

delegatedAdminAccount: undefined | string = undefined

Override for Delegated Admin Account

Remarks

All Accelerator managed Identity Center Permission Sets and Assignments must be removed before changing the service's delegated administrator. To change this property:

1. Remove or comment out the existing PermissionSets and Assignments from the identityCenter configuration in iam-config.yaml. Important: You must leave identityCenter, name, and delegatedAdminAccount.
2. Run the pipeline to remove the resources.
3. Add or uncomment the desired identityCenter configuration in iam-config.yaml. Set the delegatedAdminAccount property to the desired new delegated administrator account.
4. Run the pipeline to update the delegated admin and create Identity Center resources.
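The ordering rule in this procedure can be checked before a pipeline run. The following is an added example, not part of the accelerator's own code: it compares two versions of iam-config.yaml and reports when delegatedAdminAccount would change while permission sets or assignments are still deployed. Assumptions: the function names are hypothetical, both configs are already parsed into dicts by a YAML loader, "deployed" means the file from the last successful pipeline run, and the sample configs (including the account name SharedServices) are constructed.

```python
# Added example: guard for the delegatedAdminAccount change procedure.
# Inputs are iam-config.yaml contents already parsed into dicts (any YAML loader).

RESOURCE_KEYS = ("identityCenterPermissionSets", "identityCenterAssignments")


def identity_center(cfg):
    """Return the identityCenter block, or {} when it is absent or empty."""
    return (cfg or {}).get("identityCenter") or {}


def managed_resources(cfg):
    """Names of the permission sets and assignments declared in the config."""
    ic = identity_center(cfg)
    return [f"{key}/{item.get('name', '<unnamed>')}"
            for key in RESOURCE_KEYS for item in (ic.get(key) or [])]


def check_change(deployed, proposed):
    """Compare the last deployed config with the proposed one.

    Returns a list of problems; an empty list means the pipeline run
    follows the documented order.
    """
    old, new = identity_center(deployed), identity_center(proposed)
    problems = []
    if not old:
        return problems  # nothing deployed yet, nothing to tear down first
    # The removal run must keep the identityCenter block and its name.
    if not new.get("name"):
        problems.append("keep identityCenter and name while removing resources")
        return problems
    # Changing the delegated admin is only valid once the resources are gone.
    if new.get("delegatedAdminAccount") != old.get("delegatedAdminAccount"):
        leftover = managed_resources(deployed)
        if leftover:
            problems.append("delegatedAdminAccount changed while still deployed: "
                            + ", ".join(leftover))
    return problems


# Constructed sample configs (the account name SharedServices is hypothetical).
DEPLOYED = {"identityCenter": {
    "name": "identityCenter1", "delegatedAdminAccount": "Audit",
    "identityCenterPermissionSets": [{"name": "PermissionSet1"}],
    "identityCenterAssignments": [{"name": "Assignment1",
                                   "permissionSetName": "PermissionSet1"}]}}
REMOVAL = {"identityCenter": {"name": "identityCenter1",
                              "delegatedAdminAccount": "Audit"}}
FINAL = {"identityCenter": {**DEPLOYED["identityCenter"],
                            "delegatedAdminAccount": "SharedServices"}}
```

Calling check_change(DEPLOYED, FINAL) reports the skipped removal run, while the two-stage path DEPLOYED to REMOVAL to FINAL returns no problems at either stage.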

identityCenterAssignments: undefined | IdentityCenterAssignmentConfig[] = undefined
identityCenterPermissionSets: undefined | IdentityCenterPermissionSetConfig[] = undefined
name: string = ''

A name for the Identity Center Configuration
