IamConfig / IdentityCenterConfig

Identity Center Configuration

Example

identityCenter:
  name: identityCenter1
  delegatedAdminAccount: Audit
  identityCenterPermissionSets:
    - name: PermissionSet1
      policies:
        awsManaged:
          - arn:aws:iam::aws:policy/AdministratorAccess
        customerManaged:
          - ResourceConfigurationCollectorPolicy
      sessionDuration: 60
  identityCenterAssignments:
    - name: Assignment1
      permissionSetName: PermissionSet1
      principalId: "a4e81468-1001-70f0-9c12-56a6aa967ca4"
      principalType: USER
      deploymentTargets:
        accounts:
          - LogArchive

Hierarchy

  • IdentityCenterConfig

Properties

delegatedAdminAccount: string = ''

Override for Delegated Admin Account

All LZA-managed Identity Center Permission Sets and Assignments must be removed before changing the service's delegated administrator. To change this property:

1. Remove or comment out the existing PermissionSets and Assignments from the identityCenter configuration in iam-config.yaml. Important: You must leave identityCenter, name, and delegatedAdminAccount.
2. Run the pipeline to remove the resources.
3. Add or uncomment the desired identityCenter configuration in iam-config.yaml.
4. Set the delegatedAdminAccount property to the desired new delegated administrator account.
5. Run the pipeline to update the delegated admin and create Identity Center resources.
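A pre-pipeline guard for the procedure above, as an added example (not LZA code): it compares the last-applied and proposed identityCenter blocks, given as dicts that a YAML loader would return for iam-config.yaml, and reports a delegated-admin change attempted while permission sets or assignments are still defined. The function name, the SharedServices account and the use of the last-applied config as a stand-in for deployed state are assumptions.

```python
# Added example: guard for the delegated-admin change procedure.
# Inputs are dicts as a YAML loader would return them for iam-config.yaml.
RESOURCE_KEYS = ("identityCenterPermissionSets", "identityCenterAssignments")
KEEP_KEYS = ("name", "delegatedAdminAccount")


def check_admin_change(deployed, proposed):
    """Return a list of problems; an empty list means the run is safe."""
    old = deployed.get("identityCenter") or {}
    new = proposed.get("identityCenter") or {}
    problems = []
    # Step 1: the block itself, name and delegatedAdminAccount must stay.
    for key in KEEP_KEYS:
        if old.get(key) and not new.get(key):
            problems.append(f"identityCenter.{key} was removed; it must stay in place")
    # The admin may only change once no LZA-managed resources are deployed.
    if old.get("delegatedAdminAccount", "") != new.get("delegatedAdminAccount", ""):
        for key in RESOURCE_KEYS:
            names = [item["name"] for item in old.get(key) or []]
            if names:
                problems.append(f"{key} still deployed: {', '.join(names)}")
    return problems


# Constructed sample states. DEPLOYED mirrors the example on this page.
DEPLOYED = {"identityCenter": {
    "name": "identityCenter1",
    "delegatedAdminAccount": "Audit",
    "identityCenterPermissionSets": [{"name": "PermissionSet1"}],
    "identityCenterAssignments": [
        {"name": "Assignment1", "permissionSetName": "PermissionSet1"}],
}}
# State after steps 1-2: resources removed, name and admin left in place.
STRIPPED = {"identityCenter": {
    "name": "identityCenter1", "delegatedAdminAccount": "Audit"}}
# State for steps 3-5: resources restored under the new admin (hypothetical).
TARGET = {"identityCenter": dict(
    DEPLOYED["identityCenter"], delegatedAdminAccount="SharedServices")}

if __name__ == "__main__":
    for label, before, after in [
        ("direct change", DEPLOYED, TARGET),
        ("steps 1-2", DEPLOYED, STRIPPED),
        ("steps 3-5", STRIPPED, TARGET),
    ]:
        print(label, "->", check_admin_change(before, after) or "ok")
```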

identityCenterAssignments: IdentityCenterAssignmentConfig[] = []

List of Assignments

identityCenterPermissionSets: IdentityCenterPermissionSetConfig[] = []

List of PermissionSets

name: string = ''

A name for the Identity Center Configuration
