class Aws::SSOAdmin::Types::AccessControlAttribute

These are Amazon Web Services SSO identity store attributes that you can configure for use in attributes-based access control (ABAC). You can create permissions policies that determine who can access your Amazon Web Services resources based upon the configured attribute values. When you enable ABAC and specify `AccessControlAttributes`, Amazon Web Services SSO passes the attribute values of the authenticated user into IAM for use in policy evaluation.

@note When making an API call, you may pass AccessControlAttribute

data as a hash:

    {
      key: "AccessControlAttributeKey", # required
      value: { # required
        source: ["AccessControlAttributeValueSource"], # required
      },
    }

@!attribute [rw] key

The name of the attribute associated with your identities in your
identity source. This is used to map a specified attribute in your
identity source with an attribute in Amazon Web Services SSO.
@return [String]

@!attribute [rw] value

The value used for mapping a specified attribute to an identity
source.
@return [Types::AccessControlAttributeValue]

@see docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AccessControlAttribute AWS API Documentation

Constants

SENSITIVE