class Aws::SSOAdmin::Types::CreateInstanceAccessControlAttributeConfigurationRequest

@note When making an API call, you may pass CreateInstanceAccessControlAttributeConfigurationRequest

data as a hash:

    {
      instance_arn: "InstanceArn", # required
      instance_access_control_attribute_configuration: { # required
        access_control_attributes: [ # required
          {
            key: "AccessControlAttributeKey", # required
            value: { # required
              source: ["AccessControlAttributeValueSource"], # required
            },
          },
        ],
      },
    }

@!attribute [rw] instance_arn

The ARN of the SSO instance under which the operation will be
executed.
@return [String]

@!attribute [rw] instance_access_control_attribute_configuration

Specifies the Amazon Web Services SSO identity store attributes to
add to your ABAC configuration. When using an external identity
provider as an identity source, you can pass attributes through the
SAML assertion. Doing so provides an alternative to configuring
attributes from the Amazon Web Services SSO identity store. If a
SAML assertion passes any of these attributes, Amazon Web Services
SSO will replace the attribute value with the value from the Amazon
Web Services SSO identity store.
@return [Types::InstanceAccessControlAttributeConfiguration]

@see docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateInstanceAccessControlAttributeConfigurationRequest AWS API Documentation

Constants

SENSITIVE