class Aws::SSOAdmin::Types::CreateInstanceAccessControlAttributeConfigurationRequest
@note When making an API call, you may pass CreateInstanceAccessControlAttributeConfigurationRequest
data as a hash: { instance_arn: "InstanceArn", # required instance_access_control_attribute_configuration: { # required access_control_attributes: [ # required { key: "AccessControlAttributeKey", # required value: { # required source: ["AccessControlAttributeValueSource"], # required }, }, ], }, }
@!attribute [rw] instance_arn
The ARN of the SSO instance under which the operation will be executed. @return [String]
@!attribute [rw] instance_access_control_attribute_configuration
Specifies the Amazon Web Services SSO identity store attributes to add to your ABAC configuration. When using an external identity provider as an identity source, you can pass attributes through the SAML assertion. Doing so provides an alternative to configuring attributes from the Amazon Web Services SSO identity store. If a SAML assertion passes any of these attributes, Amazon Web Services SSO will replace the attribute value with the value from the Amazon Web Services SSO identity store. @return [Types::InstanceAccessControlAttributeConfiguration]
@see docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateInstanceAccessControlAttributeConfigurationRequest AWS API Documentation
Constants
- SENSITIVE