createInstanceAccessControlAttributeConfiguration method
- required InstanceAccessControlAttributeConfiguration instanceAccessControlAttributeConfiguration,
- required String instanceArn,
Enables the attributes-based access control (ABAC) feature for the specified IAM Identity Center instance. You can also specify new attributes to add to your ABAC configuration during the enabling process. For more information about ABAC, see Attribute-Based Access Control in the IAM Identity Center User Guide.
May throw AccessDeniedException.
May throw ConflictException.
May throw InternalServerException.
May throw ResourceNotFoundException.
May throw ThrottlingException.
May throw ValidationException.
Parameter instanceAccessControlAttributeConfiguration :
Specifies the IAM Identity Center identity store attributes to add to your
ABAC configuration. When using an external identity provider as an
identity source, you can pass attributes through the SAML assertion. Doing
so provides an alternative to configuring attributes from the IAM Identity
Center identity store. If a SAML assertion passes any of these attributes,
IAM Identity Center will replace the attribute value with the value from
the IAM Identity Center identity store.
Parameter instanceArn :
The ARN of the IAM Identity Center instance under which the operation will
be executed.
Implementation
Future<void> createInstanceAccessControlAttributeConfiguration({
required InstanceAccessControlAttributeConfiguration
instanceAccessControlAttributeConfiguration,
required String instanceArn,
}) async {
final headers = <String, String>{
'Content-Type': 'application/x-amz-json-1.1',
'X-Amz-Target':
'SWBExternalService.CreateInstanceAccessControlAttributeConfiguration'
};
await _protocol.send(
method: 'POST',
requestUri: '/',
exceptionFnMap: _exceptionFns,
// TODO queryParams
headers: headers,
payload: {
'InstanceAccessControlAttributeConfiguration':
instanceAccessControlAttributeConfiguration,
'InstanceArn': instanceArn,
},
);
}