@renovosolutions/cdk-library-aws-sso
Advanced tools
Readme
Note: This construct library is currently being developed and requires more tests, but fundamentally it should work.
This CDK library provides L2 constructs for the AWS SSO CfnPermissionSet and CfnAssignment. Assignment is not consumed by other resources so it's attributes and properties are minimal, but a L2 construct makes it easier to interact with and allows providing a more fully featured construct for the Permission Set and assignment requires.
PermissionSet including importing from ARN and granting the permissionAssignmentSee API
import { PermissionSet, Assignment, PrincipalTypes } from '@renovosolutions/cdk-library-aws-sso';
import {
App,
Stack,
StackProps,
aws_sso as sso,
aws_iam as iam,
Duration,
} from 'aws-cdk-lib';
// create a permission set
const permissionSetExample = new PermissionSet(this, 'permissionSet', {
ssoInstanceArn: 'arn:aws:sso:::instance/ssoins-1234567891234567',
name: 'ExamplePermissionSet',
description: 'Example permission set with some policies',
awsManagedPolicies: [
iam.ManagedPolicy.fromAwsManagedPolicyName('job-function/ViewOnlyAccess'),
],
customerManagedPolicyReferences: [
{
name: 'someServiceLogRead', // must exist in the target account
path: '/',
}
],
relayStateType: 'https://us-east-1.console.aws.amazon.com/cloudwatch/home'
})
// assign it to an account/principal with an Assignment
new Assignment(this, 'ExampleAssignment', {
permissionSet: permissionSetExample,
principal: {
principalId: '25750630-0ae9-479a-97c2-0afc2d5b4eac,
principalType: PrincipalTypes.GROUP,
},
targetId: '124567890123456',
});
// assign it to something else with a grant
permissionSetExample.grant('permissionSetExampleAssignment', {
principal: {
principalId: '12350630-0ae9-479a-97c2-0afc2d5b4eac',
principalType: PrincipalTypes.GROUP,
},
targetId: '344567890123456',
});
// import an existing permission set
const existingPermissionSetExample = PermissionSet.fromPermissionSetArn(this, 'existingPermissionSetExample', 'arn:aws:sso:::permissionSet/ssoins-1234567891234567/ps-55a5555a5a55ab55');
FAQs
AWS CDK Construct Library for AWS SSO
The npm package @renovosolutions/cdk-library-aws-sso receives a total of 1,593 weekly downloads. As such, @renovosolutions/cdk-library-aws-sso popularity was classified as popular.
We found that @renovosolutions/cdk-library-aws-sso demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.