SSO Permission Set

An AWS SSO Permission Set is a collection of policies that define a set of permissions for users and groups when accessing AWS accounts through AWS IAM Identity Center (formerly AWS SSO). It simplifies access management by allowing administrators to centrally create and manage permission sets, which are then assigned to identities. This ensures consistent and scalable access control across multiple accounts without needing to manage individual IAM roles and policies in each account.

aws.sso_permission_set

Fields

TitleIDTypeData TypeDescription
_keycorestring
account_idcorestring
attached_managed_policiescorejsonAn array of the AttachedManagedPolicy data type object.
created_datecoretimestampThe date that the permission set was created.
customer_managed_policy_referencescorejsonSpecifies the names and paths of the customer managed policies that you have attached to your permission set.
descriptioncorestringThe description of the PermissionSet.
inline_policycorestringThe inline policy that is attached to the permission set. For Length Constraints, if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.
namecorestringThe name of the permission set.
permission_set_arncorestringThe ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
permissions_boundarycorejsonThe permissions boundary attached to the specified permission set.
relay_statecorestringUsed to redirect users within the application during the federation authentication process.
session_durationcorestringThe length of time that the application user sessions are valid for in the ISO-8601 standard.
tagscorehstore