awsapilib.sso package¶
Subpackages¶
- awsapilib.sso.entities package
- Submodules
- awsapilib.sso.entities.entities module
Account
Entity
Group
PermissionSet
PermissionSet.assign_custom_policy_to_permission_set()
PermissionSet.creation_date
PermissionSet.delete_custom_policy_from_permission_set()
PermissionSet.description
PermissionSet.id
PermissionSet.name
PermissionSet.permission_policy
PermissionSet.provisioned_accounts
PermissionSet.relay_state
PermissionSet.ttl
PermissionSet.update()
PermissionSet.url
User
- Module contents
Submodules¶
awsapilib.sso.sso module¶
Main code for sso.
- class awsapilib.sso.sso.Sso(arn, region=None)[source]¶
Bases:
LoggerMixin
Models AWS SSO.
- API_CONTENT_ENCODING = 'amz-1.0'¶
- API_CONTENT_TYPE = 'application/json; charset=UTF-8'¶
- DEFAULT_AWS_REGION = 'eu-west-1'¶
- property accounts¶
The aws accounts in sso.
- Returns:
The accounts configured in SSO
- Return type:
accounts (generator)
- property api_url¶
The url of the api for sso.
- Returns:
The url of the api for sso.
- Return type:
api_url (str)
- associate_group_to_account(group_name, account_name, permission_set_name)[source]¶
Associates a group with an account with proper permissions.
- Parameters:
group_name – The name of the group to be assigned.
account_name – Name of the account to which the group will be assigned
permission_set_name – the Permission Set the group will have on the account
- Returns:
True or False
- Return type:
bool
- associate_user_to_account(user_name, account_name, permission_set_name)[source]¶
Associates an user with an account with proper permissions.
- Parameters:
user_name – The name of the user to be assigned.
account_name – Name of the account to which the user will be assigned
permission_set_name – the Permission Set the user will have on the account
- Returns:
True or False
- Return type:
bool
- property aws_region¶
Aws Console Region.
- Returns:
The region of the console.
- Return type:
region (str)
- create_permission_set(name, description=' ', relay_state=None, ttl='PT2H')[source]¶
Create a permission_set with a aws defined policy or custom policy.
- Parameters:
name – The name of the permission_set .
description – Description for the permission set
relay_state – The relay state for the permission set. https://docs.aws.amazon.com/singlesignon/latest/userguide/howtopermrelaystate.html
ttl – session duration
- Returns:
Permission Set object
- Return type:
- delete_permission_set(name)[source]¶
Delete a permission_set .
- Parameters:
name – The name of the permission_set .
- Returns:
Status of the deletion
- Return type:
Bool
- property directory_id¶
The external/internal directory id configured with aws sso.
- Returns:
The id of directory configured in SSO
- Return type:
str
- disassociate_group_from_account(group_name, account_name, permission_set_name)[source]¶
Disassociates a group with an account with proper permissions.
- Parameters:
group_name – The name of the group to be assigned.
account_name – Name of the account to which the group will be assigned
permission_set_name – the Permission Set the group will have on the account
- Returns:
True or False
- Return type:
bool
- disassociate_user_from_account(user_name, account_name, permission_set_name)[source]¶
Disassociates an user with an account with proper permissions.
- Parameters:
user_name – The name of the user to be assigned.
account_name – Name of the account to which the user will be assigned
permission_set_name – the Permission Set the user will have on the account
- Returns:
True or False
- Return type:
bool
- property endpoint_url¶
The url of the api endpoint for sso.
- Returns:
The url of the api endpoint for sso.
- Return type:
endpoint_url (str)
- get_account_by_id(account_id)[source]¶
The account configured in SSO.
- Returns:
The Account object
- Return type:
account (Account)
- get_account_by_name(account_name)[source]¶
The account configured in SSO.
- Returns:
The Account object
- Return type:
account (Account)
- get_api_payload(content_string, target, method='POST', params=None, path='/', content_type=None, content_encoding=None, x_amz_target='', region=None)[source]¶
Generates the payload for calling the AWS SSO APIs.
- Returns:
Returns a deepcopy object of the payload
- Return type:
payload (dict)
- get_group_by_id(group_id)[source]¶
The group configured in SSO.
- Returns:
The Group object
- Return type:
group (Group)
- get_group_by_name(group_name)[source]¶
The group configured in SSO.
- Returns:
The Group object
- Return type:
group (Group)
- get_permission_set_by_name(permission_set_name)[source]¶
The permission-set configured in SSO.
- Returns:
The PermissionSet object
- Return type:
permission_set (PermissionSet)
- get_user_by_id(user_id)[source]¶
The user configured in SSO.
- Returns:
The User object
- Return type:
user (User)
- get_user_by_name(user_name)[source]¶
The user configured in SSO.
- Returns:
The User object
- Return type:
user (User)
- property groups¶
The groups configured in SSO.
- Returns:
The groups configured in SSO
- Return type:
groups (generator)
- property permission_sets¶
The permission_sets configured in SSO.
- Returns:
The permission sets configured in SSO
- Return type:
permission_sets (generator)
- property relay_state¶
The relay state of the SSO.
- Returns:
The relay state of sso.
- Return type:
relay_state (str)
- property users¶
The users configured in SSO.
- Returns:
The users configured in SSO
- Return type:
users (generator)
awsapilib.sso.ssoexceptions module¶
Custom exception code for sso.
- exception awsapilib.sso.ssoexceptions.NoAccount[source]¶
Bases:
Exception
The account does not exist.
- exception awsapilib.sso.ssoexceptions.NoPermissionSet[source]¶
Bases:
Exception
The permission set does not exist.
Module contents¶
sso package.
Import all parts from sso here