awsapilib.sso package

Subpackages

Submodules

awsapilib.sso.sso module

Main code for sso.

class awsapilib.sso.sso.Sso(arn, region=None)[source]

Bases: LoggerMixin

Models AWS SSO.

API_CONTENT_ENCODING = 'amz-1.0'
API_CONTENT_TYPE = 'application/json; charset=UTF-8'
DEFAULT_AWS_REGION = 'eu-west-1'
property accounts

The aws accounts in sso.

Returns:

The accounts configured in SSO

Return type:

accounts (generator)

property api_url

The url of the api for sso.

Returns:

The url of the api for sso.

Return type:

api_url (str)

associate_group_to_account(group_name, account_name, permission_set_name)[source]

Associates a group with an account with proper permissions.

Parameters:

  • group_name – The name of the group to be assigned.

  • account_name – Name of the account to which the group will be assigned

  • permission_set_name – the Permission Set the group will have on the account

Returns:

True or False

Return type:

bool

associate_user_to_account(user_name, account_name, permission_set_name)[source]

Associates an user with an account with proper permissions.

Parameters:

  • user_name – The name of the user to be assigned.

  • account_name – Name of the account to which the user will be assigned

  • permission_set_name – the Permission Set the user will have on the account

Returns:

True or False

Return type:

bool

property aws_region

Aws Console Region.

Returns:

The region of the console.

Return type:

region (str)

create_permission_set(name, description=' ', relay_state=None, ttl='PT2H')[source]

Create a permission_set with a aws defined policy or custom policy.

Parameters:
Returns:

Permission Set object

Return type:

PermissionSet

delete_permission_set(name)[source]

Delete a permission_set .

Parameters:

name – The name of the permission_set .

Returns:

Status of the deletion

Return type:

Bool

property directory_id

The external/internal directory id configured with aws sso.

Returns:

The id of directory configured in SSO

Return type:

str

disassociate_group_from_account(group_name, account_name, permission_set_name)[source]

Disassociates a group with an account with proper permissions.

Parameters:

  • group_name – The name of the group to be assigned.

  • account_name – Name of the account to which the group will be assigned

  • permission_set_name – the Permission Set the group will have on the account

Returns:

True or False

Return type:

bool

disassociate_user_from_account(user_name, account_name, permission_set_name)[source]

Disassociates an user with an account with proper permissions.

Parameters:

  • user_name – The name of the user to be assigned.

  • account_name – Name of the account to which the user will be assigned

  • permission_set_name – the Permission Set the user will have on the account

Returns:

True or False

Return type:

bool

property endpoint_url

The url of the api endpoint for sso.

Returns:

The url of the api endpoint for sso.

Return type:

endpoint_url (str)

get_account_by_id(account_id)[source]

The account configured in SSO.

Returns:

The Account object

Return type:

account (Account)

get_account_by_name(account_name)[source]

The account configured in SSO.

Returns:

The Account object

Return type:

account (Account)

get_api_payload(content_string, target, method='POST', params=None, path='/', content_type=None, content_encoding=None, x_amz_target='', region=None)[source]

Generates the payload for calling the AWS SSO APIs.

Returns:

Returns a deepcopy object of the payload

Return type:

payload (dict)

get_group_by_id(group_id)[source]

The group configured in SSO.

Returns:

The Group object

Return type:

group (Group)

get_group_by_name(group_name)[source]

The group configured in SSO.

Returns:

The Group object

Return type:

group (Group)

get_permission_set_by_name(permission_set_name)[source]

The permission-set configured in SSO.

Returns:

The PermissionSet object

Return type:

permission_set (PermissionSet)

get_user_by_id(user_id)[source]

The user configured in SSO.

Returns:

The User object

Return type:

user (User)

get_user_by_name(user_name)[source]

The user configured in SSO.

Returns:

The User object

Return type:

user (User)

property groups

The groups configured in SSO.

Returns:

The groups configured in SSO

Return type:

groups (generator)

property permission_sets

The permission_sets configured in SSO.

Returns:

The permission sets configured in SSO

Return type:

permission_sets (generator)

property relay_state

The relay state of the SSO.

Returns:

The relay state of sso.

Return type:

relay_state (str)

property users

The users configured in SSO.

Returns:

The users configured in SSO

Return type:

users (generator)

awsapilib.sso.ssoexceptions module

Custom exception code for sso.

exception awsapilib.sso.ssoexceptions.NoAccount[source]

Bases: Exception

The account does not exist.

exception awsapilib.sso.ssoexceptions.NoGroup[source]

Bases: Exception

The group does not exist.

exception awsapilib.sso.ssoexceptions.NoPermissionSet[source]

Bases: Exception

The permission set does not exist.

exception awsapilib.sso.ssoexceptions.NoProfileID[source]

Bases: Exception

The permission set is not associated with the account.

exception awsapilib.sso.ssoexceptions.NoUser[source]

Bases: Exception

The user does not exist.

exception awsapilib.sso.ssoexceptions.UnsupportedTarget[source]

Bases: Exception

The target call is not supported by the current implementation.

Module contents

sso package.

Import all parts from sso here