createSecurityProfile method

Future<CreateSecurityProfileResponse> createSecurityProfile({ required String instanceId, required String securityProfileName, String? allowedAccessControlHierarchyGroupId, Map<String, String>? allowedAccessControlTags, List<FlowModule>? allowedFlowModules, List<Application>? applications, String? description, GranularAccessControlConfiguration? granularAccessControlConfiguration, List<String>? hierarchyRestrictedResources, List<String>? permissions, List<String>? tagRestrictedResources, Map<String, String>? tags, })

Creates a security profile.

For information about security profiles, see Security Profiles in the Connect Customer Administrator Guide. For a mapping of the API name and user interface name of the security profile permissions, see List of security profile permissions.

May throw DuplicateResourceException. May throw InternalServiceException. May throw InvalidParameterException. May throw InvalidRequestException. May throw LimitExceededException. May throw ResourceNotFoundException. May throw ThrottlingException.

Parameter instanceId : The identifier of the Connect Customer instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

Parameter securityProfileName : The name of the security profile.

Parameter allowedAccessControlHierarchyGroupId : The identifier of the hierarchy group that a security profile uses to restrict access to resources in Connect Customer.

Parameter allowedAccessControlTags : The list of tags that a security profile uses to restrict access to resources in Connect Customer.

Parameter allowedFlowModules : A list of Flow Modules an AI Agent can invoke as a tool.

Parameter applications : A list of third-party applications or MCP Servers that the security profile will give access to.

Parameter description : The description of the security profile.

Parameter granularAccessControlConfiguration : The granular access control configuration for the security profile, including data table permissions.

Parameter hierarchyRestrictedResources : The list of resources that a security profile applies hierarchy restrictions to in Connect Customer. Following are acceptable ResourceNames: User.

Parameter permissions : Permissions assigned to the security profile. For a list of valid permissions, see List of security profile permissions.

Parameter tagRestrictedResources : The list of resources that a security profile applies tag restrictions to in Connect Customer. For a list of Connect Customer resources that you can tag, see Add tags to resources in Connect Customer in the Connect Customer Administrator Guide.

Parameter tags : The tags used to organize, track, or control access for this resource. For example, { "Tags": {"key1":"value1", "key2":"value2"} }.

Implementation

Future<CreateSecurityProfileResponse> createSecurityProfile({
  required String instanceId,
  required String securityProfileName,
  String? allowedAccessControlHierarchyGroupId,
  Map<String, String>? allowedAccessControlTags,
  List<FlowModule>? allowedFlowModules,
  List<Application>? applications,
  String? description,
  GranularAccessControlConfiguration? granularAccessControlConfiguration,
  List<String>? hierarchyRestrictedResources,
  List<String>? permissions,
  List<String>? tagRestrictedResources,
  Map<String, String>? tags,
}) async {
  final $payload = <String, dynamic>{
    'SecurityProfileName': securityProfileName,
    if (allowedAccessControlHierarchyGroupId != null)
      'AllowedAccessControlHierarchyGroupId':
          allowedAccessControlHierarchyGroupId,
    if (allowedAccessControlTags != null)
      'AllowedAccessControlTags': allowedAccessControlTags,
    if (allowedFlowModules != null) 'AllowedFlowModules': allowedFlowModules,
    if (applications != null) 'Applications': applications,
    if (description != null) 'Description': description,
    if (granularAccessControlConfiguration != null)
      'GranularAccessControlConfiguration':
          granularAccessControlConfiguration,
    if (hierarchyRestrictedResources != null)
      'HierarchyRestrictedResources': hierarchyRestrictedResources,
    if (permissions != null) 'Permissions': permissions,
    if (tagRestrictedResources != null)
      'TagRestrictedResources': tagRestrictedResources,
    if (tags != null) 'Tags': tags,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'PUT',
    requestUri: '/security-profiles/${Uri.encodeComponent(instanceId)}',
    exceptionFnMap: _exceptionFns,
  );
  return CreateSecurityProfileResponse.fromJson(response);
}