@renovosolutions/cdk-library-aws-sso
Advanced tools
Note: This construct library is currently being developed and requires more tests, but fundamentally it should work.
This CDK library provides L2 constructs for the AWS SSO CfnPermissionSet and CfnAssignment. Assignment is not consumed by other resources so it's attributes and properties are minimal, but a L2 construct makes it easier to interact with and allows providing a more fully featured construct for the Permission Set and assignment requires.
PermissionSet including importing from ARN and granting the permissionAssignmentSee API
import { PermissionSet, Assignment, PrincipalTypes } from '@renovosolutions/cdk-library-aws-sso';
import {
App,
Stack,
StackProps,
aws_sso as sso,
aws_iam as iam,
Duration,
} from 'aws-cdk-lib';
// create a permission set
const permissionSetExample = new PermissionSet(this, 'permissionSet', {
ssoInstanceArn: 'arn:aws:sso:::instance/ssoins-1234567891234567',
name: 'ExamplePermissionSet',
description: 'Example permission set with some policies',
awsManagedPolicies: [
iam.ManagedPolicy.fromAwsManagedPolicyName('job-function/ViewOnlyAccess'),
],
customerManagedPolicyReferences: [
{
name: 'someServiceLogRead', // must exist in the target account
path: '/',
}
],
relayStateType: 'https://us-east-1.console.aws.amazon.com/cloudwatch/home'
})
// assign it to an account/principal with an Assignment
new Assignment(this, 'ExampleAssignment', {
permissionSet: permissionSetExample,
principal: {
principalId: '25750630-0ae9-479a-97c2-0afc2d5b4eac,
principalType: PrincipalTypes.GROUP,
},
targetId: '124567890123456',
});
// assign it to something else with a grant
permissionSetExample.grant('permissionSetExampleAssignment', {
principal: {
principalId: '12350630-0ae9-479a-97c2-0afc2d5b4eac',
principalType: PrincipalTypes.GROUP,
},
targetId: '344567890123456',
});
// import an existing permission set
const existingPermissionSetExample = PermissionSet.fromPermissionSetArn(this, 'existingPermissionSetExample', 'arn:aws:sso:::permissionSet/ssoins-1234567891234567/ps-55a5555a5a55ab55');
FAQs
AWS CDK Construct Library for AWS SSO
The npm package @renovosolutions/cdk-library-aws-sso receives a total of 1,113 weekly downloads. As such, @renovosolutions/cdk-library-aws-sso popularity was classified as popular.
We found that @renovosolutions/cdk-library-aws-sso demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.
Security News
Socket CTO Ahmad Nassri discusses why supply chain attacks now target developer machines and what AI means for the future of enterprise security.
Security News
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.