Interface IIdentityCenterConfig

IamConfig / IdentityCenterConfig

Description

Identity Center Configuration

Example

identityCenter:
 name: identityCenter1
 delegatedAdminAccount: Audit
 identityCenterPermissionSets:
   - name: PermissionSet1
     policies:
       awsManaged:
         - arn:aws:iam::aws:policy/AdministratorAccess
         - PowerUserAccess
       customerManaged:
         - ResourceConfigurationCollectorPolicy
       acceleratorManaged:
         - AcceleratorManagedPolicy01
         - AcceleratorManagedPolicy02
       inlinePolicy: iam-policies/sso-permissionSet1-inline-policy.json
       permissionsBoundary:
         customerManagedPolicy:
           name: AcceleratorManagedPolicy
           path: /
         awsManagedPolicyName: PowerUserAccess
      sessionDuration: 60
 identityCenterAssignments:
  - name: Assignment1
    permissionSetName: PermissionSet1
    principals:
      - type: USER
        name: accelerator
      - type: GROUP
        name: admin
    deploymentTargets:
      accounts:
        - LogArchive

interface IIdentityCenterConfig {
    delegatedAdminAccount?: string;
    identityCenterAssignments?: IIdentityCenterAssignmentConfig[];
    identityCenterPermissionSets?: IIdentityCenterPermissionSetConfig[];
    name: string;
}

Index

Properties

delegatedAdminAccount? identityCenterAssignments? identityCenterPermissionSets? name

Properties

`Optional` `Readonly`delegatedAdminAccount

delegatedAdminAccount?: string

Override for Delegated Admin Account

Remarks

All Accelerator managed Identity Center Permission Sets and Assignments must be removed before changing the service's delegated administrator. To change this property:

Remove or comment out the existing PermissionSets and Assignments from identityCenter configuration from iam-config.yaml. Important: You must leave identityCenter, name, and delegatedAdminAccount. Run the pipeline to remove the resources. Add or uncomment the desired identityCenter configuration to iam-config.yaml. Set the delegatedAdminAccount property to the desired new delegated administrator account. Run the pipeline to update the delegated admin and create Identity Center resources.

`Optional` `Readonly`identityCenterAssignments

identityCenterAssignments?: IIdentityCenterAssignmentConfig[]

IamConfig / IdentityCenterConfig / IdentityCenterAssignmentConfig

Description

List of Assignments

`Optional` `Readonly`identityCenterPermissionSets

identityCenterPermissionSets?: IIdentityCenterPermissionSetConfig[]

IamConfig / IdentityCenterConfig / IdentityCenterPermissionSetConfig

Description

List of PermissionSets

`Readonly`name

name: string

A name for the Identity Center Configuration

Interface IIdentityCenterConfig

Description

Example

Index

Properties

Properties

`Optional` `Readonly`delegatedAdminAccount

Remarks

`Optional` `Readonly`identityCenterAssignments

Description

`Optional` `Readonly`identityCenterPermissionSets

Description

`Readonly`name

Settings

On This Page

Interface IIdentityCenterConfig

Description

Example

Index

Properties

Properties

Optional ReadonlydelegatedAdminAccount

Remarks

Optional ReadonlyidentityCenterAssignments

Description

Optional ReadonlyidentityCenterPermissionSets

Description

Readonlyname

Settings

On This Page

`Optional` `Readonly`delegatedAdminAccount

`Optional` `Readonly`identityCenterAssignments

`Optional` `Readonly`identityCenterPermissionSets

`Readonly`name