/
permissionSet.go
339 lines (279 loc) · 12.6 KB
/
permissionSet.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package ssoadmin
import (
"context"
"reflect"
"github.com/pkg/errors"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
// Provides a Single Sign-On (SSO) Permission Set resource
//
// > **NOTE:** Updating this resource will automatically [Provision the Permission Set](https://docs.aws.amazon.com/singlesignon/latest/APIReference/API_ProvisionPermissionSet.html) to apply the corresponding updates to all assigned accounts.
//
// ## Import
//
// SSO Permission Sets can be imported using the `arn` and `instance_arn` separated by a comma (`,`) e.g.
//
// ```sh
// $ pulumi import aws:ssoadmin/permissionSet:PermissionSet example arn:aws:sso:::permissionSet/ssoins-2938j0x8920sbj72/ps-80383020jr9302rk,arn:aws:sso:::instance/ssoins-2938j0x8920sbj72
// ```
type PermissionSet struct {
pulumi.CustomResourceState
// The Amazon Resource Name (ARN) of the Permission Set.
Arn pulumi.StringOutput `pulumi:"arn"`
// The date the Permission Set was created in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
CreatedDate pulumi.StringOutput `pulumi:"createdDate"`
// The description of the Permission Set.
Description pulumi.StringPtrOutput `pulumi:"description"`
// The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.
InstanceArn pulumi.StringOutput `pulumi:"instanceArn"`
// The name of the Permission Set.
Name pulumi.StringOutput `pulumi:"name"`
// The relay state URL used to redirect users within the application during the federation authentication process.
RelayState pulumi.StringPtrOutput `pulumi:"relayState"`
// The length of time that the application user sessions are valid in the ISO-8601 standard. Default: `PT1H`.
SessionDuration pulumi.StringPtrOutput `pulumi:"sessionDuration"`
// Key-value map of resource tags.
Tags pulumi.StringMapOutput `pulumi:"tags"`
}
// NewPermissionSet registers a new resource with the given unique name, arguments, and options.
func NewPermissionSet(ctx *pulumi.Context,
name string, args *PermissionSetArgs, opts ...pulumi.ResourceOption) (*PermissionSet, error) {
if args == nil {
return nil, errors.New("missing one or more required arguments")
}
if args.InstanceArn == nil {
return nil, errors.New("invalid value for required argument 'InstanceArn'")
}
var resource PermissionSet
err := ctx.RegisterResource("aws:ssoadmin/permissionSet:PermissionSet", name, args, &resource, opts...)
if err != nil {
return nil, err
}
return &resource, nil
}
// GetPermissionSet gets an existing PermissionSet resource's state with the given name, ID, and optional
// state properties that are used to uniquely qualify the lookup (nil if not required).
func GetPermissionSet(ctx *pulumi.Context,
name string, id pulumi.IDInput, state *PermissionSetState, opts ...pulumi.ResourceOption) (*PermissionSet, error) {
var resource PermissionSet
err := ctx.ReadResource("aws:ssoadmin/permissionSet:PermissionSet", name, id, state, &resource, opts...)
if err != nil {
return nil, err
}
return &resource, nil
}
// Input properties used for looking up and filtering PermissionSet resources.
type permissionSetState struct {
// The Amazon Resource Name (ARN) of the Permission Set.
Arn *string `pulumi:"arn"`
// The date the Permission Set was created in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
CreatedDate *string `pulumi:"createdDate"`
// The description of the Permission Set.
Description *string `pulumi:"description"`
// The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.
InstanceArn *string `pulumi:"instanceArn"`
// The name of the Permission Set.
Name *string `pulumi:"name"`
// The relay state URL used to redirect users within the application during the federation authentication process.
RelayState *string `pulumi:"relayState"`
// The length of time that the application user sessions are valid in the ISO-8601 standard. Default: `PT1H`.
SessionDuration *string `pulumi:"sessionDuration"`
// Key-value map of resource tags.
Tags map[string]string `pulumi:"tags"`
}
type PermissionSetState struct {
// The Amazon Resource Name (ARN) of the Permission Set.
Arn pulumi.StringPtrInput
// The date the Permission Set was created in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
CreatedDate pulumi.StringPtrInput
// The description of the Permission Set.
Description pulumi.StringPtrInput
// The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.
InstanceArn pulumi.StringPtrInput
// The name of the Permission Set.
Name pulumi.StringPtrInput
// The relay state URL used to redirect users within the application during the federation authentication process.
RelayState pulumi.StringPtrInput
// The length of time that the application user sessions are valid in the ISO-8601 standard. Default: `PT1H`.
SessionDuration pulumi.StringPtrInput
// Key-value map of resource tags.
Tags pulumi.StringMapInput
}
func (PermissionSetState) ElementType() reflect.Type {
return reflect.TypeOf((*permissionSetState)(nil)).Elem()
}
type permissionSetArgs struct {
// The description of the Permission Set.
Description *string `pulumi:"description"`
// The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.
InstanceArn string `pulumi:"instanceArn"`
// The name of the Permission Set.
Name *string `pulumi:"name"`
// The relay state URL used to redirect users within the application during the federation authentication process.
RelayState *string `pulumi:"relayState"`
// The length of time that the application user sessions are valid in the ISO-8601 standard. Default: `PT1H`.
SessionDuration *string `pulumi:"sessionDuration"`
// Key-value map of resource tags.
Tags map[string]string `pulumi:"tags"`
}
// The set of arguments for constructing a PermissionSet resource.
type PermissionSetArgs struct {
// The description of the Permission Set.
Description pulumi.StringPtrInput
// The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.
InstanceArn pulumi.StringInput
// The name of the Permission Set.
Name pulumi.StringPtrInput
// The relay state URL used to redirect users within the application during the federation authentication process.
RelayState pulumi.StringPtrInput
// The length of time that the application user sessions are valid in the ISO-8601 standard. Default: `PT1H`.
SessionDuration pulumi.StringPtrInput
// Key-value map of resource tags.
Tags pulumi.StringMapInput
}
func (PermissionSetArgs) ElementType() reflect.Type {
return reflect.TypeOf((*permissionSetArgs)(nil)).Elem()
}
type PermissionSetInput interface {
pulumi.Input
ToPermissionSetOutput() PermissionSetOutput
ToPermissionSetOutputWithContext(ctx context.Context) PermissionSetOutput
}
func (*PermissionSet) ElementType() reflect.Type {
return reflect.TypeOf((*PermissionSet)(nil))
}
func (i *PermissionSet) ToPermissionSetOutput() PermissionSetOutput {
return i.ToPermissionSetOutputWithContext(context.Background())
}
func (i *PermissionSet) ToPermissionSetOutputWithContext(ctx context.Context) PermissionSetOutput {
return pulumi.ToOutputWithContext(ctx, i).(PermissionSetOutput)
}
func (i *PermissionSet) ToPermissionSetPtrOutput() PermissionSetPtrOutput {
return i.ToPermissionSetPtrOutputWithContext(context.Background())
}
func (i *PermissionSet) ToPermissionSetPtrOutputWithContext(ctx context.Context) PermissionSetPtrOutput {
return pulumi.ToOutputWithContext(ctx, i).(PermissionSetPtrOutput)
}
type PermissionSetPtrInput interface {
pulumi.Input
ToPermissionSetPtrOutput() PermissionSetPtrOutput
ToPermissionSetPtrOutputWithContext(ctx context.Context) PermissionSetPtrOutput
}
type permissionSetPtrType PermissionSetArgs
func (*permissionSetPtrType) ElementType() reflect.Type {
return reflect.TypeOf((**PermissionSet)(nil))
}
func (i *permissionSetPtrType) ToPermissionSetPtrOutput() PermissionSetPtrOutput {
return i.ToPermissionSetPtrOutputWithContext(context.Background())
}
func (i *permissionSetPtrType) ToPermissionSetPtrOutputWithContext(ctx context.Context) PermissionSetPtrOutput {
return pulumi.ToOutputWithContext(ctx, i).(PermissionSetPtrOutput)
}
// PermissionSetArrayInput is an input type that accepts PermissionSetArray and PermissionSetArrayOutput values.
// You can construct a concrete instance of `PermissionSetArrayInput` via:
//
// PermissionSetArray{ PermissionSetArgs{...} }
type PermissionSetArrayInput interface {
pulumi.Input
ToPermissionSetArrayOutput() PermissionSetArrayOutput
ToPermissionSetArrayOutputWithContext(context.Context) PermissionSetArrayOutput
}
type PermissionSetArray []PermissionSetInput
func (PermissionSetArray) ElementType() reflect.Type {
return reflect.TypeOf(([]*PermissionSet)(nil))
}
func (i PermissionSetArray) ToPermissionSetArrayOutput() PermissionSetArrayOutput {
return i.ToPermissionSetArrayOutputWithContext(context.Background())
}
func (i PermissionSetArray) ToPermissionSetArrayOutputWithContext(ctx context.Context) PermissionSetArrayOutput {
return pulumi.ToOutputWithContext(ctx, i).(PermissionSetArrayOutput)
}
// PermissionSetMapInput is an input type that accepts PermissionSetMap and PermissionSetMapOutput values.
// You can construct a concrete instance of `PermissionSetMapInput` via:
//
// PermissionSetMap{ "key": PermissionSetArgs{...} }
type PermissionSetMapInput interface {
pulumi.Input
ToPermissionSetMapOutput() PermissionSetMapOutput
ToPermissionSetMapOutputWithContext(context.Context) PermissionSetMapOutput
}
type PermissionSetMap map[string]PermissionSetInput
func (PermissionSetMap) ElementType() reflect.Type {
return reflect.TypeOf((map[string]*PermissionSet)(nil))
}
func (i PermissionSetMap) ToPermissionSetMapOutput() PermissionSetMapOutput {
return i.ToPermissionSetMapOutputWithContext(context.Background())
}
func (i PermissionSetMap) ToPermissionSetMapOutputWithContext(ctx context.Context) PermissionSetMapOutput {
return pulumi.ToOutputWithContext(ctx, i).(PermissionSetMapOutput)
}
type PermissionSetOutput struct {
*pulumi.OutputState
}
func (PermissionSetOutput) ElementType() reflect.Type {
return reflect.TypeOf((*PermissionSet)(nil))
}
func (o PermissionSetOutput) ToPermissionSetOutput() PermissionSetOutput {
return o
}
func (o PermissionSetOutput) ToPermissionSetOutputWithContext(ctx context.Context) PermissionSetOutput {
return o
}
func (o PermissionSetOutput) ToPermissionSetPtrOutput() PermissionSetPtrOutput {
return o.ToPermissionSetPtrOutputWithContext(context.Background())
}
func (o PermissionSetOutput) ToPermissionSetPtrOutputWithContext(ctx context.Context) PermissionSetPtrOutput {
return o.ApplyT(func(v PermissionSet) *PermissionSet {
return &v
}).(PermissionSetPtrOutput)
}
type PermissionSetPtrOutput struct {
*pulumi.OutputState
}
func (PermissionSetPtrOutput) ElementType() reflect.Type {
return reflect.TypeOf((**PermissionSet)(nil))
}
func (o PermissionSetPtrOutput) ToPermissionSetPtrOutput() PermissionSetPtrOutput {
return o
}
func (o PermissionSetPtrOutput) ToPermissionSetPtrOutputWithContext(ctx context.Context) PermissionSetPtrOutput {
return o
}
type PermissionSetArrayOutput struct{ *pulumi.OutputState }
func (PermissionSetArrayOutput) ElementType() reflect.Type {
return reflect.TypeOf((*[]PermissionSet)(nil))
}
func (o PermissionSetArrayOutput) ToPermissionSetArrayOutput() PermissionSetArrayOutput {
return o
}
func (o PermissionSetArrayOutput) ToPermissionSetArrayOutputWithContext(ctx context.Context) PermissionSetArrayOutput {
return o
}
func (o PermissionSetArrayOutput) Index(i pulumi.IntInput) PermissionSetOutput {
return pulumi.All(o, i).ApplyT(func(vs []interface{}) PermissionSet {
return vs[0].([]PermissionSet)[vs[1].(int)]
}).(PermissionSetOutput)
}
type PermissionSetMapOutput struct{ *pulumi.OutputState }
func (PermissionSetMapOutput) ElementType() reflect.Type {
return reflect.TypeOf((*map[string]PermissionSet)(nil))
}
func (o PermissionSetMapOutput) ToPermissionSetMapOutput() PermissionSetMapOutput {
return o
}
func (o PermissionSetMapOutput) ToPermissionSetMapOutputWithContext(ctx context.Context) PermissionSetMapOutput {
return o
}
func (o PermissionSetMapOutput) MapIndex(k pulumi.StringInput) PermissionSetOutput {
return pulumi.All(o, k).ApplyT(func(vs []interface{}) PermissionSet {
return vs[0].(map[string]PermissionSet)[vs[1].(string)]
}).(PermissionSetOutput)
}
func init() {
pulumi.RegisterOutputType(PermissionSetOutput{})
pulumi.RegisterOutputType(PermissionSetPtrOutput{})
pulumi.RegisterOutputType(PermissionSetArrayOutput{})
pulumi.RegisterOutputType(PermissionSetMapOutput{})
}