Initial code release for resource AWS::SSO::PermissionSet and AWS::SSO::Assignment #4
Conversation
| # AWS::SSO::Assignment | ||
|
|
||
| Congratulations on starting development! Next steps: | ||
|
|
||
| 1. Write the JSON schema describing your resource, `aws-sso-assignment.json` | ||
| 1. Implement your resource handlers. | ||
|
|
||
| The RPDK will automatically generate the correct resource model from the schema whenever the project is built via Maven. You can also do this manually with the following command: `cfn generate`. | ||
|
|
||
| > Please don't modify files under `target/generated-sources/rpdk`, as they will be automatically overwritten. | ||
|
|
||
| The code uses [Lombok](https://projectlombok.org/), and [you may have to install IDE integrations](https://projectlombok.org/setup/overview) to enable auto-complete for Lombok-annotated classes. |
There was a problem hiding this comment.
Yea, this is the generated README from cfn build process. Saw other teams also kept it that way.
| "update": { | ||
| "permissions": [] | ||
| }, | ||
| "list": { |
There was a problem hiding this comment.
Should listAccountAssignments be here too?
There was a problem hiding this comment.
No, due to the sso instance input for our list API, we dont implement list API. Update API is due to assignment not updatable.
| public final static String TEST_SSO_INSTANCE_ARN = "arn:aws:sso:::instance/ins-1a5c249c9a03b908"; | ||
| public final static String TEST_PERMISSION_SET_ARN = "arn:aws:sso:::permissionSet/ssoins-1a5c249c9a03b908/ps-d1fc7a84aead19b9"; | ||
| public final static String TEST_PERMISSION_SET_ARN_2 = "arn:aws:sso:::permissionSet/ssoins-1a5c249c9a03b908/ps-d1fc7a84aead18b8"; | ||
| public final static String TEST_TARGET_ID = "089648181234"; | ||
| public final static String TEST_TARGET_ID_2 = "089648185678"; |
There was a problem hiding this comment.
just want to make sure these are not real
There was a problem hiding this comment.
Yea, these are fake
| # AWS::SSO::PermissionSet | ||
|
|
||
| Congratulations on starting development! Next steps: | ||
|
|
||
| 1. Write the JSON schema describing your resource, `aws-sso-permissionset.json` | ||
| 1. Implement your resource handlers. | ||
|
|
||
| The RPDK will automatically generate the correct resource model from the schema whenever the project is built via Maven. You can also do this manually with the following command: `cfn generate`. | ||
|
|
||
| > Please don't modify files under `target/generated-sources/rpdk`, as they will be automatically overwritten. | ||
|
|
||
| The code uses [Lombok](https://projectlombok.org/), and [you may have to install IDE integrations](https://projectlombok.org/setup/overview) to enable auto-complete for Lombok-annotated classes. |
There was a problem hiding this comment.
Same response as permissionset
| @@ -0,0 +1,160 @@ | |||
| { | |||
There was a problem hiding this comment.
This goes for assignment too but are the descriptions matching our public documentation?
There was a problem hiding this comment.
Yes, the public CFN file is generated from this json file
| "sso:DeletePermissionSet" | ||
| ] | ||
| }, | ||
| "list": { |
There was a problem hiding this comment.
I feel like there are some ones missing
There was a problem hiding this comment.
No, due to the sso instance input for our list API, we dont implement list API.
| "InstanceArn": { | ||
| "description": "The sso instance that the permission set is owned.", | ||
| "type": "string", | ||
| "pattern": "arn:aws:sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}", |
There was a problem hiding this comment.
should un-hardcode the aws partition eventually in order to work in other partitions
| "PermissionSetArn": { | ||
| "description": "The permission set that the assignemt will be assigned", | ||
| "type": "string", | ||
| "pattern": "arn:aws:sso:::permissionSet/(sso)?ins-[a-zA-Z0-9-.]{16}/ps-[a-zA-Z0-9-./]{16}", |
There was a problem hiding this comment.
should un-hardcode the aws partition eventually in order to work in other partitions
| "PermissionSetArn": { | ||
| "description": "The permission set that the policy will be attached to", | ||
| "type": "string", | ||
| "pattern": "arn:aws:sso:::permissionSet/(sso)?ins-[a-zA-Z0-9-.]{16}/ps-[a-zA-Z0-9-./]{16}", |
There was a problem hiding this comment.
should un-hardcode the aws partition eventually in order to work in other partitions
| "InstanceArn": { | ||
| "description": "The sso instance arn that the permission set is owned.", | ||
| "type": "string", | ||
| "pattern": "arn:aws:sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}", |
There was a problem hiding this comment.
should un-hardcode the aws partition eventually in order to work in other partitions
Issue #, if available:
Description of changes:
Release the implementation of the CFN resource PermissionSet and Assignment.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.