createInstanceAccessControlAttributeConfiguration method

Future<void> createInstanceAccessControlAttributeConfiguration({
  1. required InstanceAccessControlAttributeConfiguration instanceAccessControlAttributeConfiguration,
  2. required String instanceArn,
})

Enables the attributes-based access control (ABAC) feature for the specified AWS SSO instance. You can also specify new attributes to add to your ABAC configuration during the enabling process. For more information about ABAC, see Attribute-Based Access Control in the AWS SSO User Guide.

May throw InternalServerException. May throw AccessDeniedException. May throw ThrottlingException. May throw ValidationException. May throw ResourceNotFoundException. May throw ConflictException.

Parameter instanceAccessControlAttributeConfiguration : Specifies the AWS SSO identity store attributes to add to your ABAC configuration. When using an external identity provider as an identity source, you can pass attributes through the SAML assertion as an alternative to configuring attributes from the AWS SSO identity store. If a SAML assertion passes any of these attributes, AWS SSO will replace the attribute value with the value from the AWS SSO identity store.

Parameter instanceArn : The ARN of the SSO instance under which the operation will be executed.

Implementation

Future<void> createInstanceAccessControlAttributeConfiguration({
  required InstanceAccessControlAttributeConfiguration
      instanceAccessControlAttributeConfiguration,
  required String instanceArn,
}) async {
  ArgumentError.checkNotNull(instanceAccessControlAttributeConfiguration,
      'instanceAccessControlAttributeConfiguration');
  ArgumentError.checkNotNull(instanceArn, 'instanceArn');
  _s.validateStringLength(
    'instanceArn',
    instanceArn,
    10,
    1224,
    isRequired: true,
  );
  final headers = <String, String>{
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target':
        'SWBExternalService.CreateInstanceAccessControlAttributeConfiguration'
  };
  await _protocol.send(
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    // TODO queryParams
    headers: headers,
    payload: {
      'InstanceAccessControlAttributeConfiguration':
          instanceAccessControlAttributeConfiguration,
      'InstanceArn': instanceArn,
    },
  );
}