diff --git a/.hashibot.hcl b/.hashibot.hcl
index 051d60a038b..c389f09adeb 100644
--- a/.hashibot.hcl
+++ b/.hashibot.hcl
@@ -345,6 +345,9 @@ behavior "regexp_issue_labeler_v2" "service_labels" {
"service/iam" = [
"aws_iam_",
],
+ "service/identitystore" = [
+ "aws_identitystore_",
+ ],
"service/imagebuilder" = [
"aws_imagebuilder_",
],
@@ -532,6 +535,9 @@ behavior "regexp_issue_labeler_v2" "service_labels" {
"service/ssm" = [
"aws_ssm_",
],
+ "service/ssoadmin" = [
+ "aws_ssoadmin_",
+ ],
"service/storagegateway" = [
"aws_storagegateway_",
],
@@ -1077,6 +1083,11 @@ behavior "pull_request_path_labeler" "service_labels" {
"**/*_iam_*",
"**/iam_*"
]
+ "service/identitystore" = [
+ "aws/internal/service/identitystore/**/*",
+ "**/*_identitystore_*",
+ "**/identitystore_*"
+ ]
"service/imagebuilder" = [
"aws/internal/service/imagebuilder/**/*",
"**/*_imagebuilder_*",
@@ -1391,6 +1402,11 @@ behavior "pull_request_path_labeler" "service_labels" {
"**/*_ssm_*",
"**/ssm_*"
]
+ "service/ssoadmin" = [
+ "aws/internal/service/ssoadmin/**/*",
+ "**/*_ssoadmin_*",
+ "**/ssoadmin_*"
+ ]
"service/storagegateway" = [
"aws/internal/service/storagegateway/**/*",
"**/*_storagegateway_*",
diff --git a/aws/config.go b/aws/config.go
index 458fcfc04c6..492d9e38dcd 100644
--- a/aws/config.go
+++ b/aws/config.go
@@ -79,6 +79,7 @@ import (
"github.com/aws/aws-sdk-go/service/greengrass"
"github.com/aws/aws-sdk-go/service/guardduty"
"github.com/aws/aws-sdk-go/service/iam"
+ "github.com/aws/aws-sdk-go/service/identitystore"
"github.com/aws/aws-sdk-go/service/imagebuilder"
"github.com/aws/aws-sdk-go/service/inspector"
"github.com/aws/aws-sdk-go/service/iot"
@@ -139,6 +140,7 @@ import (
"github.com/aws/aws-sdk-go/service/sns"
"github.com/aws/aws-sdk-go/service/sqs"
"github.com/aws/aws-sdk-go/service/ssm"
+ "github.com/aws/aws-sdk-go/service/ssoadmin"
"github.com/aws/aws-sdk-go/service/storagegateway"
"github.com/aws/aws-sdk-go/service/sts"
"github.com/aws/aws-sdk-go/service/swf"
@@ -264,6 +266,7 @@ type AWSClient struct {
guarddutyconn *guardduty.GuardDuty
greengrassconn *greengrass.Greengrass
iamconn *iam.IAM
+ identitystoreconn *identitystore.IdentityStore
IgnoreTagsConfig *keyvaluetags.IgnoreConfig
imagebuilderconn *imagebuilder.Imagebuilder
inspectorconn *inspector.Inspector
@@ -329,6 +332,7 @@ type AWSClient struct {
snsconn *sns.SNS
sqsconn *sqs.SQS
ssmconn *ssm.SSM
+ ssoadminconn *ssoadmin.SSOAdmin
storagegatewayconn *storagegateway.StorageGateway
stsconn *sts.STS
supportedplatforms []string
@@ -492,6 +496,7 @@ func (c *Config) Client() (interface{}, error) {
guarddutyconn: guardduty.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["guardduty"])})),
greengrassconn: greengrass.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["greengrass"])})),
iamconn: iam.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["iam"])})),
+ identitystoreconn: identitystore.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["identitystore"])})),
IgnoreTagsConfig: c.IgnoreTagsConfig,
imagebuilderconn: imagebuilder.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["imagebuilder"])})),
inspectorconn: inspector.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["inspector"])})),
@@ -552,6 +557,7 @@ func (c *Config) Client() (interface{}, error) {
snsconn: sns.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["sns"])})),
sqsconn: sqs.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["sqs"])})),
ssmconn: ssm.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["ssm"])})),
+ ssoadminconn: ssoadmin.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["ssoadmin"])})),
storagegatewayconn: storagegateway.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["storagegateway"])})),
stsconn: sts.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["sts"])})),
swfconn: swf.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["swf"])})),
diff --git a/aws/provider.go b/aws/provider.go
index 0311d1c66f7..a26986ddda1 100644
--- a/aws/provider.go
+++ b/aws/provider.go
@@ -1107,6 +1107,7 @@ func init() {
"greengrass",
"guardduty",
"iam",
+ "identitystore",
"imagebuilder",
"inspector",
"iot",
@@ -1166,6 +1167,7 @@ func init() {
"sns",
"sqs",
"ssm",
+ "ssoadmin",
"stepfunctions",
"storagegateway",
"sts",
diff --git a/infrastructure/repository/labels-service.tf b/infrastructure/repository/labels-service.tf
index 183b5c98743..3d257069bb2 100644
--- a/infrastructure/repository/labels-service.tf
+++ b/infrastructure/repository/labels-service.tf
@@ -98,6 +98,7 @@ variable "service_labels" {
"guardduty",
"honeycode",
"iam",
+ "identitystore",
"imagebuilder",
"inspector",
"iot",
@@ -175,6 +176,7 @@ variable "service_labels" {
"sns",
"sqs",
"ssm",
+ "ssoadmin",
"storagegateway",
"sts",
"support",
diff --git a/vendor/github.com/aws/aws-sdk-go/service/identitystore/api.go b/vendor/github.com/aws/aws-sdk-go/service/identitystore/api.go
new file mode 100644
index 00000000000..74c4740c532
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/identitystore/api.go
@@ -0,0 +1,1454 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+package identitystore
+
+import (
+ "fmt"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/aws/awsutil"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/private/protocol"
+)
+
+const opDescribeGroup = "DescribeGroup"
+
+// DescribeGroupRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeGroup operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DescribeGroup for more information on using the DescribeGroup
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DescribeGroupRequest method.
+// req, resp := client.DescribeGroupRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15/DescribeGroup
+func (c *IdentityStore) DescribeGroupRequest(input *DescribeGroupInput) (req *request.Request, output *DescribeGroupOutput) {
+ op := &request.Operation{
+ Name: opDescribeGroup,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DescribeGroupInput{}
+ }
+
+ output = &DescribeGroupOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// DescribeGroup API operation for AWS SSO Identity Store.
+//
+// Retrieves the group metadata and attributes from GroupId in an identity store.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS SSO Identity Store's
+// API operation DescribeGroup for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception
+// or failure with an internal server.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15/DescribeGroup
+func (c *IdentityStore) DescribeGroup(input *DescribeGroupInput) (*DescribeGroupOutput, error) {
+ req, out := c.DescribeGroupRequest(input)
+ return out, req.Send()
+}
+
+// DescribeGroupWithContext is the same as DescribeGroup with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DescribeGroup for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *IdentityStore) DescribeGroupWithContext(ctx aws.Context, input *DescribeGroupInput, opts ...request.Option) (*DescribeGroupOutput, error) {
+ req, out := c.DescribeGroupRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDescribeUser = "DescribeUser"
+
+// DescribeUserRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeUser operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DescribeUser for more information on using the DescribeUser
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DescribeUserRequest method.
+// req, resp := client.DescribeUserRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15/DescribeUser
+func (c *IdentityStore) DescribeUserRequest(input *DescribeUserInput) (req *request.Request, output *DescribeUserOutput) {
+ op := &request.Operation{
+ Name: opDescribeUser,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DescribeUserInput{}
+ }
+
+ output = &DescribeUserOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// DescribeUser API operation for AWS SSO Identity Store.
+//
+// Retrieves the user metadata and attributes from UserId in an identity store.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS SSO Identity Store's
+// API operation DescribeUser for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception
+// or failure with an internal server.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15/DescribeUser
+func (c *IdentityStore) DescribeUser(input *DescribeUserInput) (*DescribeUserOutput, error) {
+ req, out := c.DescribeUserRequest(input)
+ return out, req.Send()
+}
+
+// DescribeUserWithContext is the same as DescribeUser with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DescribeUser for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *IdentityStore) DescribeUserWithContext(ctx aws.Context, input *DescribeUserInput, opts ...request.Option) (*DescribeUserOutput, error) {
+ req, out := c.DescribeUserRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opListGroups = "ListGroups"
+
+// ListGroupsRequest generates a "aws/request.Request" representing the
+// client's request for the ListGroups operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListGroups for more information on using the ListGroups
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListGroupsRequest method.
+// req, resp := client.ListGroupsRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15/ListGroups
+func (c *IdentityStore) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput) {
+ op := &request.Operation{
+ Name: opListGroups,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListGroupsInput{}
+ }
+
+ output = &ListGroupsOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListGroups API operation for AWS SSO Identity Store.
+//
+// Lists the attribute name and value of the group that you specified in the
+// search. We only support DisplayName as a valid filter attribute path currently,
+// and filter is required. This API returns minimum attributes, including GroupId
+// and group DisplayName in the response.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS SSO Identity Store's
+// API operation ListGroups for usage and error information.
+//
+// Returned Error Types:
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception
+// or failure with an internal server.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15/ListGroups
+func (c *IdentityStore) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error) {
+ req, out := c.ListGroupsRequest(input)
+ return out, req.Send()
+}
+
+// ListGroupsWithContext is the same as ListGroups with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListGroups for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *IdentityStore) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error) {
+ req, out := c.ListGroupsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListGroupsPages iterates over the pages of a ListGroups operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListGroups method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListGroups operation.
+// pageNum := 0
+// err := client.ListGroupsPages(params,
+// func(page *identitystore.ListGroupsOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *IdentityStore) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error {
+ return c.ListGroupsPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListGroupsPagesWithContext same as ListGroupsPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *IdentityStore) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListGroupsInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListGroupsRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListGroupsOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListUsers = "ListUsers"
+
+// ListUsersRequest generates a "aws/request.Request" representing the
+// client's request for the ListUsers operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListUsers for more information on using the ListUsers
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListUsersRequest method.
+// req, resp := client.ListUsersRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15/ListUsers
+func (c *IdentityStore) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput) {
+ op := &request.Operation{
+ Name: opListUsers,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListUsersInput{}
+ }
+
+ output = &ListUsersOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListUsers API operation for AWS SSO Identity Store.
+//
+// Lists the attribute name and value of the user that you specified in the
+// search. We only support UserName as a valid filter attribute path currently,
+// and filter is required. This API returns minimum attributes, including UserId
+// and UserName in the response.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS SSO Identity Store's
+// API operation ListUsers for usage and error information.
+//
+// Returned Error Types:
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception
+// or failure with an internal server.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15/ListUsers
+func (c *IdentityStore) ListUsers(input *ListUsersInput) (*ListUsersOutput, error) {
+ req, out := c.ListUsersRequest(input)
+ return out, req.Send()
+}
+
+// ListUsersWithContext is the same as ListUsers with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListUsers for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *IdentityStore) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error) {
+ req, out := c.ListUsersRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListUsersPages iterates over the pages of a ListUsers operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListUsers method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListUsers operation.
+// pageNum := 0
+// err := client.ListUsersPages(params,
+// func(page *identitystore.ListUsersOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *IdentityStore) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error {
+ return c.ListUsersPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListUsersPagesWithContext same as ListUsersPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *IdentityStore) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListUsersInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListUsersRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListUsersOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+// You do not have sufficient access to perform this action.
+type AccessDeniedException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" min:"1" type:"string"`
+
+ // The identifier for each request. This value is a globally unique ID that
+ // is generated by the Identity Store service for each sent request, and is
+ // then returned inside the exception if the request fails.
+ RequestId *string `type:"string"`
+}
+
+// String returns the string representation
+func (s AccessDeniedException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AccessDeniedException) GoString() string {
+ return s.String()
+}
+
+func newErrorAccessDeniedException(v protocol.ResponseMetadata) error {
+ return &AccessDeniedException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *AccessDeniedException) Code() string {
+ return "AccessDeniedException"
+}
+
+// Message returns the exception's message.
+func (s *AccessDeniedException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *AccessDeniedException) OrigErr() error {
+ return nil
+}
+
+func (s *AccessDeniedException) Error() string {
+ return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *AccessDeniedException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *AccessDeniedException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+type DescribeGroupInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier for a group in the identity store.
+ //
+ // GroupId is a required field
+ GroupId *string `min:"1" type:"string" required:"true"`
+
+ // The globally unique identifier for the identity store, such as d-1234567890.
+ // In this example, d- is a fixed prefix, and 1234567890 is a randomly generated
+ // string which contains number and lower case letters. This value is generated
+ // at the time that a new identity store is created.
+ //
+ // IdentityStoreId is a required field
+ IdentityStoreId *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DescribeGroupInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeGroupInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DescribeGroupInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribeGroupInput"}
+ if s.GroupId == nil {
+ invalidParams.Add(request.NewErrParamRequired("GroupId"))
+ }
+ if s.GroupId != nil && len(*s.GroupId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("GroupId", 1))
+ }
+ if s.IdentityStoreId == nil {
+ invalidParams.Add(request.NewErrParamRequired("IdentityStoreId"))
+ }
+ if s.IdentityStoreId != nil && len(*s.IdentityStoreId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("IdentityStoreId", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetGroupId sets the GroupId field's value.
+func (s *DescribeGroupInput) SetGroupId(v string) *DescribeGroupInput {
+ s.GroupId = &v
+ return s
+}
+
+// SetIdentityStoreId sets the IdentityStoreId field's value.
+func (s *DescribeGroupInput) SetIdentityStoreId(v string) *DescribeGroupInput {
+ s.IdentityStoreId = &v
+ return s
+}
+
+type DescribeGroupOutput struct {
+ _ struct{} `type:"structure"`
+
+ // Contains the group’s display name value. The length limit is 1024 characters.
+ // This value can consist of letters, accented characters, symbols, numbers,
+ // punctuation, tab, new line, carriage return, space and non breaking space
+ // in this attribute. The characters “<>;:%” are excluded. This value is
+ // specified at the time the group is created and stored as an attribute of
+ // the group object in the identity store.
+ //
+ // DisplayName is a required field
+ DisplayName *string `min:"1" type:"string" required:"true"`
+
+ // The identifier for a group in the identity store.
+ //
+ // GroupId is a required field
+ GroupId *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DescribeGroupOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeGroupOutput) GoString() string {
+ return s.String()
+}
+
+// SetDisplayName sets the DisplayName field's value.
+func (s *DescribeGroupOutput) SetDisplayName(v string) *DescribeGroupOutput {
+ s.DisplayName = &v
+ return s
+}
+
+// SetGroupId sets the GroupId field's value.
+func (s *DescribeGroupOutput) SetGroupId(v string) *DescribeGroupOutput {
+ s.GroupId = &v
+ return s
+}
+
+type DescribeUserInput struct {
+ _ struct{} `type:"structure"`
+
+ // The globally unique identifier for the identity store, such as d-1234567890.
+ // In this example, d- is a fixed prefix, and 1234567890 is a randomly generated
+ // string which contains number and lower case letters. This value is generated
+ // at the time that a new identity store is created.
+ //
+ // IdentityStoreId is a required field
+ IdentityStoreId *string `min:"1" type:"string" required:"true"`
+
+ // The identifier for a user in the identity store.
+ //
+ // UserId is a required field
+ UserId *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DescribeUserInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeUserInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DescribeUserInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribeUserInput"}
+ if s.IdentityStoreId == nil {
+ invalidParams.Add(request.NewErrParamRequired("IdentityStoreId"))
+ }
+ if s.IdentityStoreId != nil && len(*s.IdentityStoreId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("IdentityStoreId", 1))
+ }
+ if s.UserId == nil {
+ invalidParams.Add(request.NewErrParamRequired("UserId"))
+ }
+ if s.UserId != nil && len(*s.UserId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("UserId", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetIdentityStoreId sets the IdentityStoreId field's value.
+func (s *DescribeUserInput) SetIdentityStoreId(v string) *DescribeUserInput {
+ s.IdentityStoreId = &v
+ return s
+}
+
+// SetUserId sets the UserId field's value.
+func (s *DescribeUserInput) SetUserId(v string) *DescribeUserInput {
+ s.UserId = &v
+ return s
+}
+
+type DescribeUserOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier for a user in the identity store.
+ //
+ // UserId is a required field
+ UserId *string `min:"1" type:"string" required:"true"`
+
+ // Contains the user’s username value. The length limit is 128 characters.
+ // This value can consist of letters, accented characters, symbols, numbers
+ // and punctuation. The characters “<>;:%” are excluded. This value is specified
+ // at the time the user is created and stored as an attribute of the user object
+ // in the identity store.
+ //
+ // UserName is a required field
+ UserName *string `min:"1" type:"string" required:"true" sensitive:"true"`
+}
+
+// String returns the string representation
+func (s DescribeUserOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeUserOutput) GoString() string {
+ return s.String()
+}
+
+// SetUserId sets the UserId field's value.
+func (s *DescribeUserOutput) SetUserId(v string) *DescribeUserOutput {
+ s.UserId = &v
+ return s
+}
+
+// SetUserName sets the UserName field's value.
+func (s *DescribeUserOutput) SetUserName(v string) *DescribeUserOutput {
+ s.UserName = &v
+ return s
+}
+
+// A query filter used by ListUsers and ListGroup. This filter object provides
+// the attribute name and attribute value to search users or groups.
+type Filter struct {
+ _ struct{} `type:"structure"`
+
+ // The attribute path used to specify which attribute name to search. Length
+ // limit is 255 characters. For example, UserName is a valid attribute path
+ // for the ListUsers API, and DisplayName is a valid attribute path for the
+ // ListGroups API.
+ //
+ // AttributePath is a required field
+ AttributePath *string `min:"1" type:"string" required:"true"`
+
+ // Represents the data for an attribute. Each attribute value is described as
+ // a name-value pair.
+ //
+ // AttributeValue is a required field
+ AttributeValue *string `min:"1" type:"string" required:"true" sensitive:"true"`
+}
+
+// String returns the string representation
+func (s Filter) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Filter) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *Filter) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "Filter"}
+ if s.AttributePath == nil {
+ invalidParams.Add(request.NewErrParamRequired("AttributePath"))
+ }
+ if s.AttributePath != nil && len(*s.AttributePath) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("AttributePath", 1))
+ }
+ if s.AttributeValue == nil {
+ invalidParams.Add(request.NewErrParamRequired("AttributeValue"))
+ }
+ if s.AttributeValue != nil && len(*s.AttributeValue) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("AttributeValue", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAttributePath sets the AttributePath field's value.
+func (s *Filter) SetAttributePath(v string) *Filter {
+ s.AttributePath = &v
+ return s
+}
+
+// SetAttributeValue sets the AttributeValue field's value.
+func (s *Filter) SetAttributeValue(v string) *Filter {
+ s.AttributeValue = &v
+ return s
+}
+
+// A group object, which contains a specified group’s metadata and attributes.
+type Group struct {
+ _ struct{} `type:"structure"`
+
+ // Contains the group’s display name value. The length limit is 1024 characters.
+ // This value can consist of letters, accented characters, symbols, numbers,
+ // punctuation, tab, new line, carriage return, space and non breaking space
+ // in this attribute. The characters “<>;:%” are excluded. This value is
+ // specified at the time the group is created and stored as an attribute of
+ // the group object in the identity store.
+ //
+ // DisplayName is a required field
+ DisplayName *string `min:"1" type:"string" required:"true"`
+
+ // The identifier for a group in the identity store.
+ //
+ // GroupId is a required field
+ GroupId *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s Group) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Group) GoString() string {
+ return s.String()
+}
+
+// SetDisplayName sets the DisplayName field's value.
+func (s *Group) SetDisplayName(v string) *Group {
+ s.DisplayName = &v
+ return s
+}
+
+// SetGroupId sets the GroupId field's value.
+func (s *Group) SetGroupId(v string) *Group {
+ s.GroupId = &v
+ return s
+}
+
+// The request processing has failed because of an unknown error, exception
+// or failure with an internal server.
+type InternalServerException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" min:"1" type:"string"`
+
+ // The identifier for each request. This value is a globally unique ID that
+ // is generated by the Identity Store service for each sent request, and is
+ // then returned inside the exception if the request fails.
+ RequestId *string `type:"string"`
+}
+
+// String returns the string representation
+func (s InternalServerException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s InternalServerException) GoString() string {
+ return s.String()
+}
+
+func newErrorInternalServerException(v protocol.ResponseMetadata) error {
+ return &InternalServerException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InternalServerException) Code() string {
+ return "InternalServerException"
+}
+
+// Message returns the exception's message.
+func (s *InternalServerException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InternalServerException) OrigErr() error {
+ return nil
+}
+
+func (s *InternalServerException) Error() string {
+ return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InternalServerException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InternalServerException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+type ListGroupsInput struct {
+ _ struct{} `type:"structure"`
+
+ // A list of Filter objects, which is used in the ListUsers and ListGroups request.
+ Filters []*Filter `type:"list"`
+
+ // The globally unique identifier for the identity store, such as d-1234567890.
+ // In this example, d- is a fixed prefix, and 1234567890 is a randomly generated
+ // string which contains number and lower case letters. This value is generated
+ // at the time that a new identity store is created.
+ //
+ // IdentityStoreId is a required field
+ IdentityStoreId *string `min:"1" type:"string" required:"true"`
+
+ // The maximum number of results to be returned per request, which is used in
+ // the ListUsers and ListGroups request to specify how many results to return
+ // in one page. The length limit is 50 characters.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token used for the ListUsers and ListGroups APIs. This value
+ // is generated by the identity store service and is returned in the API response
+ // if the total results are more than the size of one page, and when this token
+ // is used in the API request to search for the next page.
+ NextToken *string `min:"1" type:"string"`
+}
+
+// String returns the string representation
+func (s ListGroupsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListGroupsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListGroupsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListGroupsInput"}
+ if s.IdentityStoreId == nil {
+ invalidParams.Add(request.NewErrParamRequired("IdentityStoreId"))
+ }
+ if s.IdentityStoreId != nil && len(*s.IdentityStoreId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("IdentityStoreId", 1))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+ if s.NextToken != nil && len(*s.NextToken) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
+ }
+ if s.Filters != nil {
+ for i, v := range s.Filters {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetFilters sets the Filters field's value.
+func (s *ListGroupsInput) SetFilters(v []*Filter) *ListGroupsInput {
+ s.Filters = v
+ return s
+}
+
+// SetIdentityStoreId sets the IdentityStoreId field's value.
+func (s *ListGroupsInput) SetIdentityStoreId(v string) *ListGroupsInput {
+ s.IdentityStoreId = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListGroupsInput) SetMaxResults(v int64) *ListGroupsInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListGroupsInput) SetNextToken(v string) *ListGroupsInput {
+ s.NextToken = &v
+ return s
+}
+
+type ListGroupsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // A list of Group objects in the identity store.
+ //
+ // Groups is a required field
+ Groups []*Group `type:"list" required:"true"`
+
+ // The pagination token used for the ListUsers and ListGroups APIs. This value
+ // is generated by the identity store service and is returned in the API response
+ // if the total results are more than the size of one page, and when this token
+ // is used in the API request to search for the next page.
+ NextToken *string `min:"1" type:"string"`
+}
+
+// String returns the string representation
+func (s ListGroupsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListGroupsOutput) GoString() string {
+ return s.String()
+}
+
+// SetGroups sets the Groups field's value.
+func (s *ListGroupsOutput) SetGroups(v []*Group) *ListGroupsOutput {
+ s.Groups = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListGroupsOutput) SetNextToken(v string) *ListGroupsOutput {
+ s.NextToken = &v
+ return s
+}
+
+type ListUsersInput struct {
+ _ struct{} `type:"structure"`
+
+ // A list of Filter objects, which is used in the ListUsers and ListGroups request.
+ Filters []*Filter `type:"list"`
+
+ // The globally unique identifier for the identity store, such as d-1234567890.
+ // In this example, d- is a fixed prefix, and 1234567890 is a randomly generated
+ // string which contains number and lower case letters. This value is generated
+ // at the time that a new identity store is created.
+ //
+ // IdentityStoreId is a required field
+ IdentityStoreId *string `min:"1" type:"string" required:"true"`
+
+ // The maximum number of results to be returned per request, which is used in
+ // the ListUsers and ListGroups request to specify how many results to return
+ // in one page. The length limit is 50 characters.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token used for the ListUsers and ListGroups APIs. This value
+ // is generated by the identity store service and is returned in the API response
+ // if the total results are more than the size of one page, and when this token
+ // is used in the API request to search for the next page.
+ NextToken *string `min:"1" type:"string"`
+}
+
+// String returns the string representation
+func (s ListUsersInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListUsersInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListUsersInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListUsersInput"}
+ if s.IdentityStoreId == nil {
+ invalidParams.Add(request.NewErrParamRequired("IdentityStoreId"))
+ }
+ if s.IdentityStoreId != nil && len(*s.IdentityStoreId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("IdentityStoreId", 1))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+ if s.NextToken != nil && len(*s.NextToken) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
+ }
+ if s.Filters != nil {
+ for i, v := range s.Filters {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetFilters sets the Filters field's value.
+func (s *ListUsersInput) SetFilters(v []*Filter) *ListUsersInput {
+ s.Filters = v
+ return s
+}
+
+// SetIdentityStoreId sets the IdentityStoreId field's value.
+func (s *ListUsersInput) SetIdentityStoreId(v string) *ListUsersInput {
+ s.IdentityStoreId = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListUsersInput) SetMaxResults(v int64) *ListUsersInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListUsersInput) SetNextToken(v string) *ListUsersInput {
+ s.NextToken = &v
+ return s
+}
+
+type ListUsersOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The pagination token used for the ListUsers and ListGroups APIs. This value
+ // is generated by the identity store service and is returned in the API response
+ // if the total results are more than the size of one page, and when this token
+ // is used in the API request to search for the next page.
+ NextToken *string `min:"1" type:"string"`
+
+ // A list of User objects in the identity store.
+ //
+ // Users is a required field
+ Users []*User `type:"list" required:"true"`
+}
+
+// String returns the string representation
+func (s ListUsersOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListUsersOutput) GoString() string {
+ return s.String()
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListUsersOutput) SetNextToken(v string) *ListUsersOutput {
+ s.NextToken = &v
+ return s
+}
+
+// SetUsers sets the Users field's value.
+func (s *ListUsersOutput) SetUsers(v []*User) *ListUsersOutput {
+ s.Users = v
+ return s
+}
+
+// Indicates that a requested resource is not found.
+type ResourceNotFoundException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" min:"1" type:"string"`
+
+ // The identifier for each request. This value is a globally unique ID that
+ // is generated by the Identity Store service for each sent request, and is
+ // then returned inside the exception if the request fails.
+ RequestId *string `type:"string"`
+
+ // The identifier for a resource in the identity store, which can be used as
+ // UserId or GroupId. The format for ResourceId is either UUID or 1234567890-UUID,
+ // where UUID is a randomly generated value for each resource when it is created
+ // and 1234567890 represents the IdentityStoreId string value. In the case that
+ // the identity store is migrated from a legacy SSO identity store, the ResourceId
+ // for that identity store will be in the format of UUID. Otherwise, it will
+ // be in the 1234567890-UUID format.
+ ResourceId *string `min:"1" type:"string"`
+
+ // The type of resource in the Identity Store service, which is an enum object.
+ // Valid values include USER, GROUP, and IDENTITY_STORE.
+ ResourceType *string `type:"string" enum:"ResourceType"`
+}
+
+// String returns the string representation
+func (s ResourceNotFoundException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ResourceNotFoundException) GoString() string {
+ return s.String()
+}
+
+func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error {
+ return &ResourceNotFoundException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ResourceNotFoundException) Code() string {
+ return "ResourceNotFoundException"
+}
+
+// Message returns the exception's message.
+func (s *ResourceNotFoundException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ResourceNotFoundException) OrigErr() error {
+ return nil
+}
+
+func (s *ResourceNotFoundException) Error() string {
+ return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ResourceNotFoundException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ResourceNotFoundException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+type ThrottlingException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" min:"1" type:"string"`
+
+ // The identifier for each request. This value is a globally unique ID that
+ // is generated by the Identity Store service for each sent request, and is
+ // then returned inside the exception if the request fails.
+ RequestId *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ThrottlingException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ThrottlingException) GoString() string {
+ return s.String()
+}
+
+func newErrorThrottlingException(v protocol.ResponseMetadata) error {
+ return &ThrottlingException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ThrottlingException) Code() string {
+ return "ThrottlingException"
+}
+
+// Message returns the exception's message.
+func (s *ThrottlingException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ThrottlingException) OrigErr() error {
+ return nil
+}
+
+func (s *ThrottlingException) Error() string {
+ return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ThrottlingException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ThrottlingException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// A user object, which contains a specified user’s metadata and attributes.
+type User struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier for a user in the identity store.
+ //
+ // UserId is a required field
+ UserId *string `min:"1" type:"string" required:"true"`
+
+ // Contains the user’s username value. The length limit is 128 characters.
+ // This value can consist of letters, accented characters, symbols, numbers
+ // and punctuation. The characters “<>;:%” are excluded. This value is specified
+ // at the time the user is created and stored as an attribute of the user object
+ // in the identity store.
+ //
+ // UserName is a required field
+ UserName *string `min:"1" type:"string" required:"true" sensitive:"true"`
+}
+
+// String returns the string representation
+func (s User) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s User) GoString() string {
+ return s.String()
+}
+
+// SetUserId sets the UserId field's value.
+func (s *User) SetUserId(v string) *User {
+ s.UserId = &v
+ return s
+}
+
+// SetUserName sets the UserName field's value.
+func (s *User) SetUserName(v string) *User {
+ s.UserName = &v
+ return s
+}
+
+// The request failed because it contains a syntax error.
+type ValidationException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" min:"1" type:"string"`
+
+ // The identifier for each request. This value is a globally unique ID that
+ // is generated by the Identity Store service for each sent request, and is
+ // then returned inside the exception if the request fails.
+ RequestId *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ValidationException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ValidationException) GoString() string {
+ return s.String()
+}
+
+func newErrorValidationException(v protocol.ResponseMetadata) error {
+ return &ValidationException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ValidationException) Code() string {
+ return "ValidationException"
+}
+
+// Message returns the exception's message.
+func (s *ValidationException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ValidationException) OrigErr() error {
+ return nil
+}
+
+func (s *ValidationException) Error() string {
+ return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ValidationException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ValidationException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+const (
+ // ResourceTypeGroup is a ResourceType enum value
+ ResourceTypeGroup = "GROUP"
+
+ // ResourceTypeUser is a ResourceType enum value
+ ResourceTypeUser = "USER"
+
+ // ResourceTypeIdentityStore is a ResourceType enum value
+ ResourceTypeIdentityStore = "IDENTITY_STORE"
+)
+
+// ResourceType_Values returns all elements of the ResourceType enum
+func ResourceType_Values() []string {
+ return []string{
+ ResourceTypeGroup,
+ ResourceTypeUser,
+ ResourceTypeIdentityStore,
+ }
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/identitystore/doc.go b/vendor/github.com/aws/aws-sdk-go/service/identitystore/doc.go
new file mode 100644
index 00000000000..6fc2e6e9bc3
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/identitystore/doc.go
@@ -0,0 +1,26 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+// Package identitystore provides the client and types for making API
+// requests to AWS SSO Identity Store.
+//
+// See https://docs.aws.amazon.com/goto/WebAPI/identitystore-2020-06-15 for more information on this service.
+//
+// See identitystore package documentation for more information.
+// https://docs.aws.amazon.com/sdk-for-go/api/service/identitystore/
+//
+// Using the Client
+//
+// To contact AWS SSO Identity Store with the SDK use the New function to create
+// a new service client. With that client you can make API requests to the service.
+// These clients are safe to use concurrently.
+//
+// See the SDK's documentation for more information on how to use the SDK.
+// https://docs.aws.amazon.com/sdk-for-go/api/
+//
+// See aws.Config documentation for more information on configuring SDK clients.
+// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
+//
+// See the AWS SSO Identity Store client IdentityStore for more
+// information on creating client for this service.
+// https://docs.aws.amazon.com/sdk-for-go/api/service/identitystore/#New
+package identitystore
diff --git a/vendor/github.com/aws/aws-sdk-go/service/identitystore/errors.go b/vendor/github.com/aws/aws-sdk-go/service/identitystore/errors.go
new file mode 100644
index 00000000000..c837ae8197e
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/identitystore/errors.go
@@ -0,0 +1,50 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+package identitystore
+
+import (
+ "github.com/aws/aws-sdk-go/private/protocol"
+)
+
+const (
+
+ // ErrCodeAccessDeniedException for service response error code
+ // "AccessDeniedException".
+ //
+ // You do not have sufficient access to perform this action.
+ ErrCodeAccessDeniedException = "AccessDeniedException"
+
+ // ErrCodeInternalServerException for service response error code
+ // "InternalServerException".
+ //
+ // The request processing has failed because of an unknown error, exception
+ // or failure with an internal server.
+ ErrCodeInternalServerException = "InternalServerException"
+
+ // ErrCodeResourceNotFoundException for service response error code
+ // "ResourceNotFoundException".
+ //
+ // Indicates that a requested resource is not found.
+ ErrCodeResourceNotFoundException = "ResourceNotFoundException"
+
+ // ErrCodeThrottlingException for service response error code
+ // "ThrottlingException".
+ //
+ // Indicates that the principal has crossed the throttling limits of the API
+ // operations.
+ ErrCodeThrottlingException = "ThrottlingException"
+
+ // ErrCodeValidationException for service response error code
+ // "ValidationException".
+ //
+ // The request failed because it contains a syntax error.
+ ErrCodeValidationException = "ValidationException"
+)
+
+var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
+ "AccessDeniedException": newErrorAccessDeniedException,
+ "InternalServerException": newErrorInternalServerException,
+ "ResourceNotFoundException": newErrorResourceNotFoundException,
+ "ThrottlingException": newErrorThrottlingException,
+ "ValidationException": newErrorValidationException,
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/identitystore/service.go b/vendor/github.com/aws/aws-sdk-go/service/identitystore/service.go
new file mode 100644
index 00000000000..651b742c58f
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/identitystore/service.go
@@ -0,0 +1,106 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+package identitystore
+
+import (
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/aws/client"
+ "github.com/aws/aws-sdk-go/aws/client/metadata"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/aws/signer/v4"
+ "github.com/aws/aws-sdk-go/private/protocol"
+ "github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
+)
+
+// IdentityStore provides the API operation methods for making requests to
+// AWS SSO Identity Store. See this package's package overview docs
+// for details on the service.
+//
+// IdentityStore methods are safe to use concurrently. It is not safe to
+// modify mutate any of the struct's properties though.
+type IdentityStore struct {
+ *client.Client
+}
+
+// Used for custom client initialization logic
+var initClient func(*client.Client)
+
+// Used for custom request initialization logic
+var initRequest func(*request.Request)
+
+// Service information constants
+const (
+ ServiceName = "identitystore" // Name of service.
+ EndpointsID = ServiceName // ID to lookup a service endpoint with.
+ ServiceID = "identitystore" // ServiceID is a unique identifier of a specific service.
+)
+
+// New creates a new instance of the IdentityStore client with a session.
+// If additional configuration is needed for the client instance use the optional
+// aws.Config parameter to add your extra config.
+//
+// Example:
+// mySession := session.Must(session.NewSession())
+//
+// // Create a IdentityStore client from just a session.
+// svc := identitystore.New(mySession)
+//
+// // Create a IdentityStore client with additional configuration
+// svc := identitystore.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
+func New(p client.ConfigProvider, cfgs ...*aws.Config) *IdentityStore {
+ c := p.ClientConfig(EndpointsID, cfgs...)
+ if c.SigningNameDerived || len(c.SigningName) == 0 {
+ c.SigningName = "identitystore"
+ }
+ return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName)
+}
+
+// newClient creates, initializes and returns a new service client instance.
+func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *IdentityStore {
+ svc := &IdentityStore{
+ Client: client.New(
+ cfg,
+ metadata.ClientInfo{
+ ServiceName: ServiceName,
+ ServiceID: ServiceID,
+ SigningName: signingName,
+ SigningRegion: signingRegion,
+ PartitionID: partitionID,
+ Endpoint: endpoint,
+ APIVersion: "2020-06-15",
+ JSONVersion: "1.1",
+ TargetPrefix: "AWSIdentityStore",
+ },
+ handlers,
+ ),
+ }
+
+ // Handlers
+ svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler)
+ svc.Handlers.Build.PushBackNamed(jsonrpc.BuildHandler)
+ svc.Handlers.Unmarshal.PushBackNamed(jsonrpc.UnmarshalHandler)
+ svc.Handlers.UnmarshalMeta.PushBackNamed(jsonrpc.UnmarshalMetaHandler)
+ svc.Handlers.UnmarshalError.PushBackNamed(
+ protocol.NewUnmarshalErrorHandler(jsonrpc.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(),
+ )
+
+ // Run custom client initialization if present
+ if initClient != nil {
+ initClient(svc.Client)
+ }
+
+ return svc
+}
+
+// newRequest creates a new request for a IdentityStore operation and runs any
+// custom request initialization.
+func (c *IdentityStore) newRequest(op *request.Operation, params, data interface{}) *request.Request {
+ req := c.NewRequest(op, params, data)
+
+ // Run custom request initialization if present
+ if initRequest != nil {
+ initRequest(req)
+ }
+
+ return req
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/api.go b/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/api.go
new file mode 100644
index 00000000000..c7908a98b9f
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/api.go
@@ -0,0 +1,7000 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+package ssoadmin
+
+import (
+ "fmt"
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/aws/awsutil"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/private/protocol"
+ "github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
+)
+
+const opAttachManagedPolicyToPermissionSet = "AttachManagedPolicyToPermissionSet"
+
+// AttachManagedPolicyToPermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the AttachManagedPolicyToPermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See AttachManagedPolicyToPermissionSet for more information on using the AttachManagedPolicyToPermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the AttachManagedPolicyToPermissionSetRequest method.
+// req, resp := client.AttachManagedPolicyToPermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachManagedPolicyToPermissionSet
+func (c *SSOAdmin) AttachManagedPolicyToPermissionSetRequest(input *AttachManagedPolicyToPermissionSetInput) (req *request.Request, output *AttachManagedPolicyToPermissionSetOutput) {
+ op := &request.Operation{
+ Name: opAttachManagedPolicyToPermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &AttachManagedPolicyToPermissionSetInput{}
+ }
+
+ output = &AttachManagedPolicyToPermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// AttachManagedPolicyToPermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Attaches an IAM managed policy ARN to a permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation AttachManagedPolicyToPermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ServiceQuotaExceededException
+// Indicates that the principal has crossed the permitted number of resources
+// that can be created.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/AttachManagedPolicyToPermissionSet
+func (c *SSOAdmin) AttachManagedPolicyToPermissionSet(input *AttachManagedPolicyToPermissionSetInput) (*AttachManagedPolicyToPermissionSetOutput, error) {
+ req, out := c.AttachManagedPolicyToPermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// AttachManagedPolicyToPermissionSetWithContext is the same as AttachManagedPolicyToPermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See AttachManagedPolicyToPermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) AttachManagedPolicyToPermissionSetWithContext(ctx aws.Context, input *AttachManagedPolicyToPermissionSetInput, opts ...request.Option) (*AttachManagedPolicyToPermissionSetOutput, error) {
+ req, out := c.AttachManagedPolicyToPermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opCreateAccountAssignment = "CreateAccountAssignment"
+
+// CreateAccountAssignmentRequest generates a "aws/request.Request" representing the
+// client's request for the CreateAccountAssignment operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See CreateAccountAssignment for more information on using the CreateAccountAssignment
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the CreateAccountAssignmentRequest method.
+// req, resp := client.CreateAccountAssignmentRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateAccountAssignment
+func (c *SSOAdmin) CreateAccountAssignmentRequest(input *CreateAccountAssignmentInput) (req *request.Request, output *CreateAccountAssignmentOutput) {
+ op := &request.Operation{
+ Name: opCreateAccountAssignment,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &CreateAccountAssignmentInput{}
+ }
+
+ output = &CreateAccountAssignmentOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// CreateAccountAssignment API operation for AWS Single Sign-On Admin.
+//
+// Assigns access to a principal for a specified AWS account using a specified
+// permission set.
+//
+// The term principal here refers to a user or group that is defined in AWS
+// SSO.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation CreateAccountAssignment for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ServiceQuotaExceededException
+// Indicates that the principal has crossed the permitted number of resources
+// that can be created.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateAccountAssignment
+func (c *SSOAdmin) CreateAccountAssignment(input *CreateAccountAssignmentInput) (*CreateAccountAssignmentOutput, error) {
+ req, out := c.CreateAccountAssignmentRequest(input)
+ return out, req.Send()
+}
+
+// CreateAccountAssignmentWithContext is the same as CreateAccountAssignment with the addition of
+// the ability to pass a context and additional request options.
+//
+// See CreateAccountAssignment for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) CreateAccountAssignmentWithContext(ctx aws.Context, input *CreateAccountAssignmentInput, opts ...request.Option) (*CreateAccountAssignmentOutput, error) {
+ req, out := c.CreateAccountAssignmentRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opCreatePermissionSet = "CreatePermissionSet"
+
+// CreatePermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the CreatePermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See CreatePermissionSet for more information on using the CreatePermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the CreatePermissionSetRequest method.
+// req, resp := client.CreatePermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreatePermissionSet
+func (c *SSOAdmin) CreatePermissionSetRequest(input *CreatePermissionSetInput) (req *request.Request, output *CreatePermissionSetOutput) {
+ op := &request.Operation{
+ Name: opCreatePermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &CreatePermissionSetInput{}
+ }
+
+ output = &CreatePermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// CreatePermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Creates a permission set within a specified SSO instance.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation CreatePermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ServiceQuotaExceededException
+// Indicates that the principal has crossed the permitted number of resources
+// that can be created.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreatePermissionSet
+func (c *SSOAdmin) CreatePermissionSet(input *CreatePermissionSetInput) (*CreatePermissionSetOutput, error) {
+ req, out := c.CreatePermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// CreatePermissionSetWithContext is the same as CreatePermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See CreatePermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) CreatePermissionSetWithContext(ctx aws.Context, input *CreatePermissionSetInput, opts ...request.Option) (*CreatePermissionSetOutput, error) {
+ req, out := c.CreatePermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDeleteAccountAssignment = "DeleteAccountAssignment"
+
+// DeleteAccountAssignmentRequest generates a "aws/request.Request" representing the
+// client's request for the DeleteAccountAssignment operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DeleteAccountAssignment for more information on using the DeleteAccountAssignment
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DeleteAccountAssignmentRequest method.
+// req, resp := client.DeleteAccountAssignmentRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteAccountAssignment
+func (c *SSOAdmin) DeleteAccountAssignmentRequest(input *DeleteAccountAssignmentInput) (req *request.Request, output *DeleteAccountAssignmentOutput) {
+ op := &request.Operation{
+ Name: opDeleteAccountAssignment,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DeleteAccountAssignmentInput{}
+ }
+
+ output = &DeleteAccountAssignmentOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// DeleteAccountAssignment API operation for AWS Single Sign-On Admin.
+//
+// Deletes a principal's access from a specified AWS account using a specified
+// permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation DeleteAccountAssignment for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteAccountAssignment
+func (c *SSOAdmin) DeleteAccountAssignment(input *DeleteAccountAssignmentInput) (*DeleteAccountAssignmentOutput, error) {
+ req, out := c.DeleteAccountAssignmentRequest(input)
+ return out, req.Send()
+}
+
+// DeleteAccountAssignmentWithContext is the same as DeleteAccountAssignment with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DeleteAccountAssignment for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) DeleteAccountAssignmentWithContext(ctx aws.Context, input *DeleteAccountAssignmentInput, opts ...request.Option) (*DeleteAccountAssignmentOutput, error) {
+ req, out := c.DeleteAccountAssignmentRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDeleteInlinePolicyFromPermissionSet = "DeleteInlinePolicyFromPermissionSet"
+
+// DeleteInlinePolicyFromPermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the DeleteInlinePolicyFromPermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DeleteInlinePolicyFromPermissionSet for more information on using the DeleteInlinePolicyFromPermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DeleteInlinePolicyFromPermissionSetRequest method.
+// req, resp := client.DeleteInlinePolicyFromPermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteInlinePolicyFromPermissionSet
+func (c *SSOAdmin) DeleteInlinePolicyFromPermissionSetRequest(input *DeleteInlinePolicyFromPermissionSetInput) (req *request.Request, output *DeleteInlinePolicyFromPermissionSetOutput) {
+ op := &request.Operation{
+ Name: opDeleteInlinePolicyFromPermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DeleteInlinePolicyFromPermissionSetInput{}
+ }
+
+ output = &DeleteInlinePolicyFromPermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// DeleteInlinePolicyFromPermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Deletes the inline policy from a specified permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation DeleteInlinePolicyFromPermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeleteInlinePolicyFromPermissionSet
+func (c *SSOAdmin) DeleteInlinePolicyFromPermissionSet(input *DeleteInlinePolicyFromPermissionSetInput) (*DeleteInlinePolicyFromPermissionSetOutput, error) {
+ req, out := c.DeleteInlinePolicyFromPermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// DeleteInlinePolicyFromPermissionSetWithContext is the same as DeleteInlinePolicyFromPermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DeleteInlinePolicyFromPermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) DeleteInlinePolicyFromPermissionSetWithContext(ctx aws.Context, input *DeleteInlinePolicyFromPermissionSetInput, opts ...request.Option) (*DeleteInlinePolicyFromPermissionSetOutput, error) {
+ req, out := c.DeleteInlinePolicyFromPermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDeletePermissionSet = "DeletePermissionSet"
+
+// DeletePermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the DeletePermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DeletePermissionSet for more information on using the DeletePermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DeletePermissionSetRequest method.
+// req, resp := client.DeletePermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeletePermissionSet
+func (c *SSOAdmin) DeletePermissionSetRequest(input *DeletePermissionSetInput) (req *request.Request, output *DeletePermissionSetOutput) {
+ op := &request.Operation{
+ Name: opDeletePermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DeletePermissionSetInput{}
+ }
+
+ output = &DeletePermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// DeletePermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Deletes the specified permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation DeletePermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DeletePermissionSet
+func (c *SSOAdmin) DeletePermissionSet(input *DeletePermissionSetInput) (*DeletePermissionSetOutput, error) {
+ req, out := c.DeletePermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// DeletePermissionSetWithContext is the same as DeletePermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DeletePermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) DeletePermissionSetWithContext(ctx aws.Context, input *DeletePermissionSetInput, opts ...request.Option) (*DeletePermissionSetOutput, error) {
+ req, out := c.DeletePermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDescribeAccountAssignmentCreationStatus = "DescribeAccountAssignmentCreationStatus"
+
+// DescribeAccountAssignmentCreationStatusRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeAccountAssignmentCreationStatus operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DescribeAccountAssignmentCreationStatus for more information on using the DescribeAccountAssignmentCreationStatus
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DescribeAccountAssignmentCreationStatusRequest method.
+// req, resp := client.DescribeAccountAssignmentCreationStatusRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentCreationStatus
+func (c *SSOAdmin) DescribeAccountAssignmentCreationStatusRequest(input *DescribeAccountAssignmentCreationStatusInput) (req *request.Request, output *DescribeAccountAssignmentCreationStatusOutput) {
+ op := &request.Operation{
+ Name: opDescribeAccountAssignmentCreationStatus,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DescribeAccountAssignmentCreationStatusInput{}
+ }
+
+ output = &DescribeAccountAssignmentCreationStatusOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// DescribeAccountAssignmentCreationStatus API operation for AWS Single Sign-On Admin.
+//
+// Describes the status of the assignment creation request.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation DescribeAccountAssignmentCreationStatus for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentCreationStatus
+func (c *SSOAdmin) DescribeAccountAssignmentCreationStatus(input *DescribeAccountAssignmentCreationStatusInput) (*DescribeAccountAssignmentCreationStatusOutput, error) {
+ req, out := c.DescribeAccountAssignmentCreationStatusRequest(input)
+ return out, req.Send()
+}
+
+// DescribeAccountAssignmentCreationStatusWithContext is the same as DescribeAccountAssignmentCreationStatus with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DescribeAccountAssignmentCreationStatus for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) DescribeAccountAssignmentCreationStatusWithContext(ctx aws.Context, input *DescribeAccountAssignmentCreationStatusInput, opts ...request.Option) (*DescribeAccountAssignmentCreationStatusOutput, error) {
+ req, out := c.DescribeAccountAssignmentCreationStatusRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDescribeAccountAssignmentDeletionStatus = "DescribeAccountAssignmentDeletionStatus"
+
+// DescribeAccountAssignmentDeletionStatusRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeAccountAssignmentDeletionStatus operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DescribeAccountAssignmentDeletionStatus for more information on using the DescribeAccountAssignmentDeletionStatus
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DescribeAccountAssignmentDeletionStatusRequest method.
+// req, resp := client.DescribeAccountAssignmentDeletionStatusRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentDeletionStatus
+func (c *SSOAdmin) DescribeAccountAssignmentDeletionStatusRequest(input *DescribeAccountAssignmentDeletionStatusInput) (req *request.Request, output *DescribeAccountAssignmentDeletionStatusOutput) {
+ op := &request.Operation{
+ Name: opDescribeAccountAssignmentDeletionStatus,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DescribeAccountAssignmentDeletionStatusInput{}
+ }
+
+ output = &DescribeAccountAssignmentDeletionStatusOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// DescribeAccountAssignmentDeletionStatus API operation for AWS Single Sign-On Admin.
+//
+// Describes the status of the assignment deletion request.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation DescribeAccountAssignmentDeletionStatus for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribeAccountAssignmentDeletionStatus
+func (c *SSOAdmin) DescribeAccountAssignmentDeletionStatus(input *DescribeAccountAssignmentDeletionStatusInput) (*DescribeAccountAssignmentDeletionStatusOutput, error) {
+ req, out := c.DescribeAccountAssignmentDeletionStatusRequest(input)
+ return out, req.Send()
+}
+
+// DescribeAccountAssignmentDeletionStatusWithContext is the same as DescribeAccountAssignmentDeletionStatus with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DescribeAccountAssignmentDeletionStatus for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) DescribeAccountAssignmentDeletionStatusWithContext(ctx aws.Context, input *DescribeAccountAssignmentDeletionStatusInput, opts ...request.Option) (*DescribeAccountAssignmentDeletionStatusOutput, error) {
+ req, out := c.DescribeAccountAssignmentDeletionStatusRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDescribePermissionSet = "DescribePermissionSet"
+
+// DescribePermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the DescribePermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DescribePermissionSet for more information on using the DescribePermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DescribePermissionSetRequest method.
+// req, resp := client.DescribePermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSet
+func (c *SSOAdmin) DescribePermissionSetRequest(input *DescribePermissionSetInput) (req *request.Request, output *DescribePermissionSetOutput) {
+ op := &request.Operation{
+ Name: opDescribePermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DescribePermissionSetInput{}
+ }
+
+ output = &DescribePermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// DescribePermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Gets the details of the permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation DescribePermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSet
+func (c *SSOAdmin) DescribePermissionSet(input *DescribePermissionSetInput) (*DescribePermissionSetOutput, error) {
+ req, out := c.DescribePermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// DescribePermissionSetWithContext is the same as DescribePermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DescribePermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) DescribePermissionSetWithContext(ctx aws.Context, input *DescribePermissionSetInput, opts ...request.Option) (*DescribePermissionSetOutput, error) {
+ req, out := c.DescribePermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDescribePermissionSetProvisioningStatus = "DescribePermissionSetProvisioningStatus"
+
+// DescribePermissionSetProvisioningStatusRequest generates a "aws/request.Request" representing the
+// client's request for the DescribePermissionSetProvisioningStatus operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DescribePermissionSetProvisioningStatus for more information on using the DescribePermissionSetProvisioningStatus
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DescribePermissionSetProvisioningStatusRequest method.
+// req, resp := client.DescribePermissionSetProvisioningStatusRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSetProvisioningStatus
+func (c *SSOAdmin) DescribePermissionSetProvisioningStatusRequest(input *DescribePermissionSetProvisioningStatusInput) (req *request.Request, output *DescribePermissionSetProvisioningStatusOutput) {
+ op := &request.Operation{
+ Name: opDescribePermissionSetProvisioningStatus,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DescribePermissionSetProvisioningStatusInput{}
+ }
+
+ output = &DescribePermissionSetProvisioningStatusOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// DescribePermissionSetProvisioningStatus API operation for AWS Single Sign-On Admin.
+//
+// Describes the status for the given permission set provisioning request.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation DescribePermissionSetProvisioningStatus for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DescribePermissionSetProvisioningStatus
+func (c *SSOAdmin) DescribePermissionSetProvisioningStatus(input *DescribePermissionSetProvisioningStatusInput) (*DescribePermissionSetProvisioningStatusOutput, error) {
+ req, out := c.DescribePermissionSetProvisioningStatusRequest(input)
+ return out, req.Send()
+}
+
+// DescribePermissionSetProvisioningStatusWithContext is the same as DescribePermissionSetProvisioningStatus with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DescribePermissionSetProvisioningStatus for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) DescribePermissionSetProvisioningStatusWithContext(ctx aws.Context, input *DescribePermissionSetProvisioningStatusInput, opts ...request.Option) (*DescribePermissionSetProvisioningStatusOutput, error) {
+ req, out := c.DescribePermissionSetProvisioningStatusRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDetachManagedPolicyFromPermissionSet = "DetachManagedPolicyFromPermissionSet"
+
+// DetachManagedPolicyFromPermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the DetachManagedPolicyFromPermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DetachManagedPolicyFromPermissionSet for more information on using the DetachManagedPolicyFromPermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DetachManagedPolicyFromPermissionSetRequest method.
+// req, resp := client.DetachManagedPolicyFromPermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachManagedPolicyFromPermissionSet
+func (c *SSOAdmin) DetachManagedPolicyFromPermissionSetRequest(input *DetachManagedPolicyFromPermissionSetInput) (req *request.Request, output *DetachManagedPolicyFromPermissionSetOutput) {
+ op := &request.Operation{
+ Name: opDetachManagedPolicyFromPermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DetachManagedPolicyFromPermissionSetInput{}
+ }
+
+ output = &DetachManagedPolicyFromPermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// DetachManagedPolicyFromPermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Detaches the attached IAM managed policy ARN from the specified permission
+// set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation DetachManagedPolicyFromPermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/DetachManagedPolicyFromPermissionSet
+func (c *SSOAdmin) DetachManagedPolicyFromPermissionSet(input *DetachManagedPolicyFromPermissionSetInput) (*DetachManagedPolicyFromPermissionSetOutput, error) {
+ req, out := c.DetachManagedPolicyFromPermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// DetachManagedPolicyFromPermissionSetWithContext is the same as DetachManagedPolicyFromPermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DetachManagedPolicyFromPermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) DetachManagedPolicyFromPermissionSetWithContext(ctx aws.Context, input *DetachManagedPolicyFromPermissionSetInput, opts ...request.Option) (*DetachManagedPolicyFromPermissionSetOutput, error) {
+ req, out := c.DetachManagedPolicyFromPermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opGetInlinePolicyForPermissionSet = "GetInlinePolicyForPermissionSet"
+
+// GetInlinePolicyForPermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the GetInlinePolicyForPermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See GetInlinePolicyForPermissionSet for more information on using the GetInlinePolicyForPermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the GetInlinePolicyForPermissionSetRequest method.
+// req, resp := client.GetInlinePolicyForPermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/GetInlinePolicyForPermissionSet
+func (c *SSOAdmin) GetInlinePolicyForPermissionSetRequest(input *GetInlinePolicyForPermissionSetInput) (req *request.Request, output *GetInlinePolicyForPermissionSetOutput) {
+ op := &request.Operation{
+ Name: opGetInlinePolicyForPermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &GetInlinePolicyForPermissionSetInput{}
+ }
+
+ output = &GetInlinePolicyForPermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// GetInlinePolicyForPermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Obtains the inline policy assigned to the permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation GetInlinePolicyForPermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/GetInlinePolicyForPermissionSet
+func (c *SSOAdmin) GetInlinePolicyForPermissionSet(input *GetInlinePolicyForPermissionSetInput) (*GetInlinePolicyForPermissionSetOutput, error) {
+ req, out := c.GetInlinePolicyForPermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// GetInlinePolicyForPermissionSetWithContext is the same as GetInlinePolicyForPermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetInlinePolicyForPermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) GetInlinePolicyForPermissionSetWithContext(ctx aws.Context, input *GetInlinePolicyForPermissionSetInput, opts ...request.Option) (*GetInlinePolicyForPermissionSetOutput, error) {
+ req, out := c.GetInlinePolicyForPermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opListAccountAssignmentCreationStatus = "ListAccountAssignmentCreationStatus"
+
+// ListAccountAssignmentCreationStatusRequest generates a "aws/request.Request" representing the
+// client's request for the ListAccountAssignmentCreationStatus operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListAccountAssignmentCreationStatus for more information on using the ListAccountAssignmentCreationStatus
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListAccountAssignmentCreationStatusRequest method.
+// req, resp := client.ListAccountAssignmentCreationStatusRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentCreationStatus
+func (c *SSOAdmin) ListAccountAssignmentCreationStatusRequest(input *ListAccountAssignmentCreationStatusInput) (req *request.Request, output *ListAccountAssignmentCreationStatusOutput) {
+ op := &request.Operation{
+ Name: opListAccountAssignmentCreationStatus,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListAccountAssignmentCreationStatusInput{}
+ }
+
+ output = &ListAccountAssignmentCreationStatusOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListAccountAssignmentCreationStatus API operation for AWS Single Sign-On Admin.
+//
+// Lists the status of the AWS account assignment creation requests for a specified
+// SSO instance.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListAccountAssignmentCreationStatus for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentCreationStatus
+func (c *SSOAdmin) ListAccountAssignmentCreationStatus(input *ListAccountAssignmentCreationStatusInput) (*ListAccountAssignmentCreationStatusOutput, error) {
+ req, out := c.ListAccountAssignmentCreationStatusRequest(input)
+ return out, req.Send()
+}
+
+// ListAccountAssignmentCreationStatusWithContext is the same as ListAccountAssignmentCreationStatus with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListAccountAssignmentCreationStatus for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListAccountAssignmentCreationStatusWithContext(ctx aws.Context, input *ListAccountAssignmentCreationStatusInput, opts ...request.Option) (*ListAccountAssignmentCreationStatusOutput, error) {
+ req, out := c.ListAccountAssignmentCreationStatusRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListAccountAssignmentCreationStatusPages iterates over the pages of a ListAccountAssignmentCreationStatus operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListAccountAssignmentCreationStatus method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListAccountAssignmentCreationStatus operation.
+// pageNum := 0
+// err := client.ListAccountAssignmentCreationStatusPages(params,
+// func(page *ssoadmin.ListAccountAssignmentCreationStatusOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListAccountAssignmentCreationStatusPages(input *ListAccountAssignmentCreationStatusInput, fn func(*ListAccountAssignmentCreationStatusOutput, bool) bool) error {
+ return c.ListAccountAssignmentCreationStatusPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListAccountAssignmentCreationStatusPagesWithContext same as ListAccountAssignmentCreationStatusPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListAccountAssignmentCreationStatusPagesWithContext(ctx aws.Context, input *ListAccountAssignmentCreationStatusInput, fn func(*ListAccountAssignmentCreationStatusOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListAccountAssignmentCreationStatusInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListAccountAssignmentCreationStatusRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListAccountAssignmentCreationStatusOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListAccountAssignmentDeletionStatus = "ListAccountAssignmentDeletionStatus"
+
+// ListAccountAssignmentDeletionStatusRequest generates a "aws/request.Request" representing the
+// client's request for the ListAccountAssignmentDeletionStatus operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListAccountAssignmentDeletionStatus for more information on using the ListAccountAssignmentDeletionStatus
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListAccountAssignmentDeletionStatusRequest method.
+// req, resp := client.ListAccountAssignmentDeletionStatusRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentDeletionStatus
+func (c *SSOAdmin) ListAccountAssignmentDeletionStatusRequest(input *ListAccountAssignmentDeletionStatusInput) (req *request.Request, output *ListAccountAssignmentDeletionStatusOutput) {
+ op := &request.Operation{
+ Name: opListAccountAssignmentDeletionStatus,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListAccountAssignmentDeletionStatusInput{}
+ }
+
+ output = &ListAccountAssignmentDeletionStatusOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListAccountAssignmentDeletionStatus API operation for AWS Single Sign-On Admin.
+//
+// Lists the status of the AWS account assignment deletion requests for a specified
+// SSO instance.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListAccountAssignmentDeletionStatus for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignmentDeletionStatus
+func (c *SSOAdmin) ListAccountAssignmentDeletionStatus(input *ListAccountAssignmentDeletionStatusInput) (*ListAccountAssignmentDeletionStatusOutput, error) {
+ req, out := c.ListAccountAssignmentDeletionStatusRequest(input)
+ return out, req.Send()
+}
+
+// ListAccountAssignmentDeletionStatusWithContext is the same as ListAccountAssignmentDeletionStatus with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListAccountAssignmentDeletionStatus for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListAccountAssignmentDeletionStatusWithContext(ctx aws.Context, input *ListAccountAssignmentDeletionStatusInput, opts ...request.Option) (*ListAccountAssignmentDeletionStatusOutput, error) {
+ req, out := c.ListAccountAssignmentDeletionStatusRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListAccountAssignmentDeletionStatusPages iterates over the pages of a ListAccountAssignmentDeletionStatus operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListAccountAssignmentDeletionStatus method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListAccountAssignmentDeletionStatus operation.
+// pageNum := 0
+// err := client.ListAccountAssignmentDeletionStatusPages(params,
+// func(page *ssoadmin.ListAccountAssignmentDeletionStatusOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListAccountAssignmentDeletionStatusPages(input *ListAccountAssignmentDeletionStatusInput, fn func(*ListAccountAssignmentDeletionStatusOutput, bool) bool) error {
+ return c.ListAccountAssignmentDeletionStatusPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListAccountAssignmentDeletionStatusPagesWithContext same as ListAccountAssignmentDeletionStatusPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListAccountAssignmentDeletionStatusPagesWithContext(ctx aws.Context, input *ListAccountAssignmentDeletionStatusInput, fn func(*ListAccountAssignmentDeletionStatusOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListAccountAssignmentDeletionStatusInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListAccountAssignmentDeletionStatusRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListAccountAssignmentDeletionStatusOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListAccountAssignments = "ListAccountAssignments"
+
+// ListAccountAssignmentsRequest generates a "aws/request.Request" representing the
+// client's request for the ListAccountAssignments operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListAccountAssignments for more information on using the ListAccountAssignments
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListAccountAssignmentsRequest method.
+// req, resp := client.ListAccountAssignmentsRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignments
+func (c *SSOAdmin) ListAccountAssignmentsRequest(input *ListAccountAssignmentsInput) (req *request.Request, output *ListAccountAssignmentsOutput) {
+ op := &request.Operation{
+ Name: opListAccountAssignments,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListAccountAssignmentsInput{}
+ }
+
+ output = &ListAccountAssignmentsOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListAccountAssignments API operation for AWS Single Sign-On Admin.
+//
+// Lists the assignee of the specified AWS account with the specified permission
+// set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListAccountAssignments for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountAssignments
+func (c *SSOAdmin) ListAccountAssignments(input *ListAccountAssignmentsInput) (*ListAccountAssignmentsOutput, error) {
+ req, out := c.ListAccountAssignmentsRequest(input)
+ return out, req.Send()
+}
+
+// ListAccountAssignmentsWithContext is the same as ListAccountAssignments with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListAccountAssignments for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListAccountAssignmentsWithContext(ctx aws.Context, input *ListAccountAssignmentsInput, opts ...request.Option) (*ListAccountAssignmentsOutput, error) {
+ req, out := c.ListAccountAssignmentsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListAccountAssignmentsPages iterates over the pages of a ListAccountAssignments operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListAccountAssignments method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListAccountAssignments operation.
+// pageNum := 0
+// err := client.ListAccountAssignmentsPages(params,
+// func(page *ssoadmin.ListAccountAssignmentsOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListAccountAssignmentsPages(input *ListAccountAssignmentsInput, fn func(*ListAccountAssignmentsOutput, bool) bool) error {
+ return c.ListAccountAssignmentsPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListAccountAssignmentsPagesWithContext same as ListAccountAssignmentsPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListAccountAssignmentsPagesWithContext(ctx aws.Context, input *ListAccountAssignmentsInput, fn func(*ListAccountAssignmentsOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListAccountAssignmentsInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListAccountAssignmentsRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListAccountAssignmentsOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListAccountsForProvisionedPermissionSet = "ListAccountsForProvisionedPermissionSet"
+
+// ListAccountsForProvisionedPermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the ListAccountsForProvisionedPermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListAccountsForProvisionedPermissionSet for more information on using the ListAccountsForProvisionedPermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListAccountsForProvisionedPermissionSetRequest method.
+// req, resp := client.ListAccountsForProvisionedPermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountsForProvisionedPermissionSet
+func (c *SSOAdmin) ListAccountsForProvisionedPermissionSetRequest(input *ListAccountsForProvisionedPermissionSetInput) (req *request.Request, output *ListAccountsForProvisionedPermissionSetOutput) {
+ op := &request.Operation{
+ Name: opListAccountsForProvisionedPermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListAccountsForProvisionedPermissionSetInput{}
+ }
+
+ output = &ListAccountsForProvisionedPermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListAccountsForProvisionedPermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Lists all the AWS accounts where the specified permission set is provisioned.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListAccountsForProvisionedPermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListAccountsForProvisionedPermissionSet
+func (c *SSOAdmin) ListAccountsForProvisionedPermissionSet(input *ListAccountsForProvisionedPermissionSetInput) (*ListAccountsForProvisionedPermissionSetOutput, error) {
+ req, out := c.ListAccountsForProvisionedPermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// ListAccountsForProvisionedPermissionSetWithContext is the same as ListAccountsForProvisionedPermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListAccountsForProvisionedPermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListAccountsForProvisionedPermissionSetWithContext(ctx aws.Context, input *ListAccountsForProvisionedPermissionSetInput, opts ...request.Option) (*ListAccountsForProvisionedPermissionSetOutput, error) {
+ req, out := c.ListAccountsForProvisionedPermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListAccountsForProvisionedPermissionSetPages iterates over the pages of a ListAccountsForProvisionedPermissionSet operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListAccountsForProvisionedPermissionSet method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListAccountsForProvisionedPermissionSet operation.
+// pageNum := 0
+// err := client.ListAccountsForProvisionedPermissionSetPages(params,
+// func(page *ssoadmin.ListAccountsForProvisionedPermissionSetOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListAccountsForProvisionedPermissionSetPages(input *ListAccountsForProvisionedPermissionSetInput, fn func(*ListAccountsForProvisionedPermissionSetOutput, bool) bool) error {
+ return c.ListAccountsForProvisionedPermissionSetPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListAccountsForProvisionedPermissionSetPagesWithContext same as ListAccountsForProvisionedPermissionSetPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListAccountsForProvisionedPermissionSetPagesWithContext(ctx aws.Context, input *ListAccountsForProvisionedPermissionSetInput, fn func(*ListAccountsForProvisionedPermissionSetOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListAccountsForProvisionedPermissionSetInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListAccountsForProvisionedPermissionSetRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListAccountsForProvisionedPermissionSetOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListInstances = "ListInstances"
+
+// ListInstancesRequest generates a "aws/request.Request" representing the
+// client's request for the ListInstances operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListInstances for more information on using the ListInstances
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListInstancesRequest method.
+// req, resp := client.ListInstancesRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListInstances
+func (c *SSOAdmin) ListInstancesRequest(input *ListInstancesInput) (req *request.Request, output *ListInstancesOutput) {
+ op := &request.Operation{
+ Name: opListInstances,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListInstancesInput{}
+ }
+
+ output = &ListInstancesOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListInstances API operation for AWS Single Sign-On Admin.
+//
+// Lists the SSO instances that the caller has access to.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListInstances for usage and error information.
+//
+// Returned Error Types:
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListInstances
+func (c *SSOAdmin) ListInstances(input *ListInstancesInput) (*ListInstancesOutput, error) {
+ req, out := c.ListInstancesRequest(input)
+ return out, req.Send()
+}
+
+// ListInstancesWithContext is the same as ListInstances with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListInstances for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListInstancesWithContext(ctx aws.Context, input *ListInstancesInput, opts ...request.Option) (*ListInstancesOutput, error) {
+ req, out := c.ListInstancesRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListInstancesPages iterates over the pages of a ListInstances operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListInstances method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListInstances operation.
+// pageNum := 0
+// err := client.ListInstancesPages(params,
+// func(page *ssoadmin.ListInstancesOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListInstancesPages(input *ListInstancesInput, fn func(*ListInstancesOutput, bool) bool) error {
+ return c.ListInstancesPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListInstancesPagesWithContext same as ListInstancesPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListInstancesPagesWithContext(ctx aws.Context, input *ListInstancesInput, fn func(*ListInstancesOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListInstancesInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListInstancesRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListInstancesOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListManagedPoliciesInPermissionSet = "ListManagedPoliciesInPermissionSet"
+
+// ListManagedPoliciesInPermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the ListManagedPoliciesInPermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListManagedPoliciesInPermissionSet for more information on using the ListManagedPoliciesInPermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListManagedPoliciesInPermissionSetRequest method.
+// req, resp := client.ListManagedPoliciesInPermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListManagedPoliciesInPermissionSet
+func (c *SSOAdmin) ListManagedPoliciesInPermissionSetRequest(input *ListManagedPoliciesInPermissionSetInput) (req *request.Request, output *ListManagedPoliciesInPermissionSetOutput) {
+ op := &request.Operation{
+ Name: opListManagedPoliciesInPermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListManagedPoliciesInPermissionSetInput{}
+ }
+
+ output = &ListManagedPoliciesInPermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListManagedPoliciesInPermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Lists the IAM managed policy that is attached to a specified permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListManagedPoliciesInPermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListManagedPoliciesInPermissionSet
+func (c *SSOAdmin) ListManagedPoliciesInPermissionSet(input *ListManagedPoliciesInPermissionSetInput) (*ListManagedPoliciesInPermissionSetOutput, error) {
+ req, out := c.ListManagedPoliciesInPermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// ListManagedPoliciesInPermissionSetWithContext is the same as ListManagedPoliciesInPermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListManagedPoliciesInPermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListManagedPoliciesInPermissionSetWithContext(ctx aws.Context, input *ListManagedPoliciesInPermissionSetInput, opts ...request.Option) (*ListManagedPoliciesInPermissionSetOutput, error) {
+ req, out := c.ListManagedPoliciesInPermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListManagedPoliciesInPermissionSetPages iterates over the pages of a ListManagedPoliciesInPermissionSet operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListManagedPoliciesInPermissionSet method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListManagedPoliciesInPermissionSet operation.
+// pageNum := 0
+// err := client.ListManagedPoliciesInPermissionSetPages(params,
+// func(page *ssoadmin.ListManagedPoliciesInPermissionSetOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListManagedPoliciesInPermissionSetPages(input *ListManagedPoliciesInPermissionSetInput, fn func(*ListManagedPoliciesInPermissionSetOutput, bool) bool) error {
+ return c.ListManagedPoliciesInPermissionSetPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListManagedPoliciesInPermissionSetPagesWithContext same as ListManagedPoliciesInPermissionSetPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListManagedPoliciesInPermissionSetPagesWithContext(ctx aws.Context, input *ListManagedPoliciesInPermissionSetInput, fn func(*ListManagedPoliciesInPermissionSetOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListManagedPoliciesInPermissionSetInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListManagedPoliciesInPermissionSetRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListManagedPoliciesInPermissionSetOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListPermissionSetProvisioningStatus = "ListPermissionSetProvisioningStatus"
+
+// ListPermissionSetProvisioningStatusRequest generates a "aws/request.Request" representing the
+// client's request for the ListPermissionSetProvisioningStatus operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListPermissionSetProvisioningStatus for more information on using the ListPermissionSetProvisioningStatus
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListPermissionSetProvisioningStatusRequest method.
+// req, resp := client.ListPermissionSetProvisioningStatusRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetProvisioningStatus
+func (c *SSOAdmin) ListPermissionSetProvisioningStatusRequest(input *ListPermissionSetProvisioningStatusInput) (req *request.Request, output *ListPermissionSetProvisioningStatusOutput) {
+ op := &request.Operation{
+ Name: opListPermissionSetProvisioningStatus,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListPermissionSetProvisioningStatusInput{}
+ }
+
+ output = &ListPermissionSetProvisioningStatusOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListPermissionSetProvisioningStatus API operation for AWS Single Sign-On Admin.
+//
+// Lists the status of the permission set provisioning requests for a specified
+// SSO instance.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListPermissionSetProvisioningStatus for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetProvisioningStatus
+func (c *SSOAdmin) ListPermissionSetProvisioningStatus(input *ListPermissionSetProvisioningStatusInput) (*ListPermissionSetProvisioningStatusOutput, error) {
+ req, out := c.ListPermissionSetProvisioningStatusRequest(input)
+ return out, req.Send()
+}
+
+// ListPermissionSetProvisioningStatusWithContext is the same as ListPermissionSetProvisioningStatus with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListPermissionSetProvisioningStatus for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListPermissionSetProvisioningStatusWithContext(ctx aws.Context, input *ListPermissionSetProvisioningStatusInput, opts ...request.Option) (*ListPermissionSetProvisioningStatusOutput, error) {
+ req, out := c.ListPermissionSetProvisioningStatusRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListPermissionSetProvisioningStatusPages iterates over the pages of a ListPermissionSetProvisioningStatus operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListPermissionSetProvisioningStatus method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListPermissionSetProvisioningStatus operation.
+// pageNum := 0
+// err := client.ListPermissionSetProvisioningStatusPages(params,
+// func(page *ssoadmin.ListPermissionSetProvisioningStatusOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListPermissionSetProvisioningStatusPages(input *ListPermissionSetProvisioningStatusInput, fn func(*ListPermissionSetProvisioningStatusOutput, bool) bool) error {
+ return c.ListPermissionSetProvisioningStatusPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListPermissionSetProvisioningStatusPagesWithContext same as ListPermissionSetProvisioningStatusPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListPermissionSetProvisioningStatusPagesWithContext(ctx aws.Context, input *ListPermissionSetProvisioningStatusInput, fn func(*ListPermissionSetProvisioningStatusOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListPermissionSetProvisioningStatusInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListPermissionSetProvisioningStatusRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListPermissionSetProvisioningStatusOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListPermissionSets = "ListPermissionSets"
+
+// ListPermissionSetsRequest generates a "aws/request.Request" representing the
+// client's request for the ListPermissionSets operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListPermissionSets for more information on using the ListPermissionSets
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListPermissionSetsRequest method.
+// req, resp := client.ListPermissionSetsRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSets
+func (c *SSOAdmin) ListPermissionSetsRequest(input *ListPermissionSetsInput) (req *request.Request, output *ListPermissionSetsOutput) {
+ op := &request.Operation{
+ Name: opListPermissionSets,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListPermissionSetsInput{}
+ }
+
+ output = &ListPermissionSetsOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListPermissionSets API operation for AWS Single Sign-On Admin.
+//
+// Lists the PermissionSets in an SSO instance.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListPermissionSets for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSets
+func (c *SSOAdmin) ListPermissionSets(input *ListPermissionSetsInput) (*ListPermissionSetsOutput, error) {
+ req, out := c.ListPermissionSetsRequest(input)
+ return out, req.Send()
+}
+
+// ListPermissionSetsWithContext is the same as ListPermissionSets with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListPermissionSets for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListPermissionSetsWithContext(ctx aws.Context, input *ListPermissionSetsInput, opts ...request.Option) (*ListPermissionSetsOutput, error) {
+ req, out := c.ListPermissionSetsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListPermissionSetsPages iterates over the pages of a ListPermissionSets operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListPermissionSets method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListPermissionSets operation.
+// pageNum := 0
+// err := client.ListPermissionSetsPages(params,
+// func(page *ssoadmin.ListPermissionSetsOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListPermissionSetsPages(input *ListPermissionSetsInput, fn func(*ListPermissionSetsOutput, bool) bool) error {
+ return c.ListPermissionSetsPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListPermissionSetsPagesWithContext same as ListPermissionSetsPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListPermissionSetsPagesWithContext(ctx aws.Context, input *ListPermissionSetsInput, fn func(*ListPermissionSetsOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListPermissionSetsInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListPermissionSetsRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListPermissionSetsOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListPermissionSetsProvisionedToAccount = "ListPermissionSetsProvisionedToAccount"
+
+// ListPermissionSetsProvisionedToAccountRequest generates a "aws/request.Request" representing the
+// client's request for the ListPermissionSetsProvisionedToAccount operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListPermissionSetsProvisionedToAccount for more information on using the ListPermissionSetsProvisionedToAccount
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListPermissionSetsProvisionedToAccountRequest method.
+// req, resp := client.ListPermissionSetsProvisionedToAccountRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsProvisionedToAccount
+func (c *SSOAdmin) ListPermissionSetsProvisionedToAccountRequest(input *ListPermissionSetsProvisionedToAccountInput) (req *request.Request, output *ListPermissionSetsProvisionedToAccountOutput) {
+ op := &request.Operation{
+ Name: opListPermissionSetsProvisionedToAccount,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListPermissionSetsProvisionedToAccountInput{}
+ }
+
+ output = &ListPermissionSetsProvisionedToAccountOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListPermissionSetsProvisionedToAccount API operation for AWS Single Sign-On Admin.
+//
+// Lists all the permission sets that are provisioned to a specified AWS account.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListPermissionSetsProvisionedToAccount for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListPermissionSetsProvisionedToAccount
+func (c *SSOAdmin) ListPermissionSetsProvisionedToAccount(input *ListPermissionSetsProvisionedToAccountInput) (*ListPermissionSetsProvisionedToAccountOutput, error) {
+ req, out := c.ListPermissionSetsProvisionedToAccountRequest(input)
+ return out, req.Send()
+}
+
+// ListPermissionSetsProvisionedToAccountWithContext is the same as ListPermissionSetsProvisionedToAccount with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListPermissionSetsProvisionedToAccount for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListPermissionSetsProvisionedToAccountWithContext(ctx aws.Context, input *ListPermissionSetsProvisionedToAccountInput, opts ...request.Option) (*ListPermissionSetsProvisionedToAccountOutput, error) {
+ req, out := c.ListPermissionSetsProvisionedToAccountRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListPermissionSetsProvisionedToAccountPages iterates over the pages of a ListPermissionSetsProvisionedToAccount operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListPermissionSetsProvisionedToAccount method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListPermissionSetsProvisionedToAccount operation.
+// pageNum := 0
+// err := client.ListPermissionSetsProvisionedToAccountPages(params,
+// func(page *ssoadmin.ListPermissionSetsProvisionedToAccountOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListPermissionSetsProvisionedToAccountPages(input *ListPermissionSetsProvisionedToAccountInput, fn func(*ListPermissionSetsProvisionedToAccountOutput, bool) bool) error {
+ return c.ListPermissionSetsProvisionedToAccountPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListPermissionSetsProvisionedToAccountPagesWithContext same as ListPermissionSetsProvisionedToAccountPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListPermissionSetsProvisionedToAccountPagesWithContext(ctx aws.Context, input *ListPermissionSetsProvisionedToAccountInput, fn func(*ListPermissionSetsProvisionedToAccountOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListPermissionSetsProvisionedToAccountInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListPermissionSetsProvisionedToAccountRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListPermissionSetsProvisionedToAccountOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListTagsForResource = "ListTagsForResource"
+
+// ListTagsForResourceRequest generates a "aws/request.Request" representing the
+// client's request for the ListTagsForResource operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListTagsForResource for more information on using the ListTagsForResource
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListTagsForResourceRequest method.
+// req, resp := client.ListTagsForResourceRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListTagsForResource
+func (c *SSOAdmin) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) {
+ op := &request.Operation{
+ Name: opListTagsForResource,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &ListTagsForResourceInput{}
+ }
+
+ output = &ListTagsForResourceOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListTagsForResource API operation for AWS Single Sign-On Admin.
+//
+// Lists the tags that are attached to a specified resource.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ListTagsForResource for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ListTagsForResource
+func (c *SSOAdmin) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) {
+ req, out := c.ListTagsForResourceRequest(input)
+ return out, req.Send()
+}
+
+// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListTagsForResource for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) {
+ req, out := c.ListTagsForResourceRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// ListTagsForResourcePages iterates over the pages of a ListTagsForResource operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListTagsForResource method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListTagsForResource operation.
+// pageNum := 0
+// err := client.ListTagsForResourcePages(params,
+// func(page *ssoadmin.ListTagsForResourceOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *SSOAdmin) ListTagsForResourcePages(input *ListTagsForResourceInput, fn func(*ListTagsForResourceOutput, bool) bool) error {
+ return c.ListTagsForResourcePagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// ListTagsForResourcePagesWithContext same as ListTagsForResourcePages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ListTagsForResourcePagesWithContext(ctx aws.Context, input *ListTagsForResourceInput, fn func(*ListTagsForResourceOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListTagsForResourceInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListTagsForResourceRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListTagsForResourceOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opProvisionPermissionSet = "ProvisionPermissionSet"
+
+// ProvisionPermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the ProvisionPermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ProvisionPermissionSet for more information on using the ProvisionPermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ProvisionPermissionSetRequest method.
+// req, resp := client.ProvisionPermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ProvisionPermissionSet
+func (c *SSOAdmin) ProvisionPermissionSetRequest(input *ProvisionPermissionSetInput) (req *request.Request, output *ProvisionPermissionSetOutput) {
+ op := &request.Operation{
+ Name: opProvisionPermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &ProvisionPermissionSetInput{}
+ }
+
+ output = &ProvisionPermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ProvisionPermissionSet API operation for AWS Single Sign-On Admin.
+//
+// The process by which a specified permission set is provisioned to the specified
+// target.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation ProvisionPermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/ProvisionPermissionSet
+func (c *SSOAdmin) ProvisionPermissionSet(input *ProvisionPermissionSetInput) (*ProvisionPermissionSetOutput, error) {
+ req, out := c.ProvisionPermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// ProvisionPermissionSetWithContext is the same as ProvisionPermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ProvisionPermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) ProvisionPermissionSetWithContext(ctx aws.Context, input *ProvisionPermissionSetInput, opts ...request.Option) (*ProvisionPermissionSetOutput, error) {
+ req, out := c.ProvisionPermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opPutInlinePolicyToPermissionSet = "PutInlinePolicyToPermissionSet"
+
+// PutInlinePolicyToPermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the PutInlinePolicyToPermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See PutInlinePolicyToPermissionSet for more information on using the PutInlinePolicyToPermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the PutInlinePolicyToPermissionSetRequest method.
+// req, resp := client.PutInlinePolicyToPermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutInlinePolicyToPermissionSet
+func (c *SSOAdmin) PutInlinePolicyToPermissionSetRequest(input *PutInlinePolicyToPermissionSetInput) (req *request.Request, output *PutInlinePolicyToPermissionSetOutput) {
+ op := &request.Operation{
+ Name: opPutInlinePolicyToPermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &PutInlinePolicyToPermissionSetInput{}
+ }
+
+ output = &PutInlinePolicyToPermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// PutInlinePolicyToPermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Attaches an IAM inline policy to a permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation PutInlinePolicyToPermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ServiceQuotaExceededException
+// Indicates that the principal has crossed the permitted number of resources
+// that can be created.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/PutInlinePolicyToPermissionSet
+func (c *SSOAdmin) PutInlinePolicyToPermissionSet(input *PutInlinePolicyToPermissionSetInput) (*PutInlinePolicyToPermissionSetOutput, error) {
+ req, out := c.PutInlinePolicyToPermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// PutInlinePolicyToPermissionSetWithContext is the same as PutInlinePolicyToPermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See PutInlinePolicyToPermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) PutInlinePolicyToPermissionSetWithContext(ctx aws.Context, input *PutInlinePolicyToPermissionSetInput, opts ...request.Option) (*PutInlinePolicyToPermissionSetOutput, error) {
+ req, out := c.PutInlinePolicyToPermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opTagResource = "TagResource"
+
+// TagResourceRequest generates a "aws/request.Request" representing the
+// client's request for the TagResource operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See TagResource for more information on using the TagResource
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the TagResourceRequest method.
+// req, resp := client.TagResourceRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/TagResource
+func (c *SSOAdmin) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) {
+ op := &request.Operation{
+ Name: opTagResource,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &TagResourceInput{}
+ }
+
+ output = &TagResourceOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// TagResource API operation for AWS Single Sign-On Admin.
+//
+// Associates a set of tags with a specified resource.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation TagResource for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ServiceQuotaExceededException
+// Indicates that the principal has crossed the permitted number of resources
+// that can be created.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/TagResource
+func (c *SSOAdmin) TagResource(input *TagResourceInput) (*TagResourceOutput, error) {
+ req, out := c.TagResourceRequest(input)
+ return out, req.Send()
+}
+
+// TagResourceWithContext is the same as TagResource with the addition of
+// the ability to pass a context and additional request options.
+//
+// See TagResource for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) {
+ req, out := c.TagResourceRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opUntagResource = "UntagResource"
+
+// UntagResourceRequest generates a "aws/request.Request" representing the
+// client's request for the UntagResource operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See UntagResource for more information on using the UntagResource
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the UntagResourceRequest method.
+// req, resp := client.UntagResourceRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UntagResource
+func (c *SSOAdmin) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) {
+ op := &request.Operation{
+ Name: opUntagResource,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &UntagResourceInput{}
+ }
+
+ output = &UntagResourceOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// UntagResource API operation for AWS Single Sign-On Admin.
+//
+// Disassociates a set of tags from a specified resource.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation UntagResource for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UntagResource
+func (c *SSOAdmin) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) {
+ req, out := c.UntagResourceRequest(input)
+ return out, req.Send()
+}
+
+// UntagResourceWithContext is the same as UntagResource with the addition of
+// the ability to pass a context and additional request options.
+//
+// See UntagResource for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) {
+ req, out := c.UntagResourceRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opUpdatePermissionSet = "UpdatePermissionSet"
+
+// UpdatePermissionSetRequest generates a "aws/request.Request" representing the
+// client's request for the UpdatePermissionSet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See UpdatePermissionSet for more information on using the UpdatePermissionSet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the UpdatePermissionSetRequest method.
+// req, resp := client.UpdatePermissionSetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdatePermissionSet
+func (c *SSOAdmin) UpdatePermissionSetRequest(input *UpdatePermissionSetInput) (req *request.Request, output *UpdatePermissionSetOutput) {
+ op := &request.Operation{
+ Name: opUpdatePermissionSet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &UpdatePermissionSetInput{}
+ }
+
+ output = &UpdatePermissionSetOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// UpdatePermissionSet API operation for AWS Single Sign-On Admin.
+//
+// Updates an existing permission set.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Single Sign-On Admin's
+// API operation UpdatePermissionSet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// Indicates that a requested resource is not found.
+//
+// * InternalServerException
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+//
+// * ThrottlingException
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+//
+// * ValidationException
+// The request failed because it contains a syntax error.
+//
+// * AccessDeniedException
+// You do not have sufficient access to perform this action.
+//
+// * ConflictException
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/UpdatePermissionSet
+func (c *SSOAdmin) UpdatePermissionSet(input *UpdatePermissionSetInput) (*UpdatePermissionSetOutput, error) {
+ req, out := c.UpdatePermissionSetRequest(input)
+ return out, req.Send()
+}
+
+// UpdatePermissionSetWithContext is the same as UpdatePermissionSet with the addition of
+// the ability to pass a context and additional request options.
+//
+// See UpdatePermissionSet for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *SSOAdmin) UpdatePermissionSetWithContext(ctx aws.Context, input *UpdatePermissionSetInput, opts ...request.Option) (*UpdatePermissionSetOutput, error) {
+ req, out := c.UpdatePermissionSetRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// You do not have sufficient access to perform this action.
+type AccessDeniedException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation
+func (s AccessDeniedException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AccessDeniedException) GoString() string {
+ return s.String()
+}
+
+func newErrorAccessDeniedException(v protocol.ResponseMetadata) error {
+ return &AccessDeniedException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *AccessDeniedException) Code() string {
+ return "AccessDeniedException"
+}
+
+// Message returns the exception's message.
+func (s *AccessDeniedException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *AccessDeniedException) OrigErr() error {
+ return nil
+}
+
+func (s *AccessDeniedException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *AccessDeniedException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *AccessDeniedException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// The assignment that indicates a principal's limited access to a specified
+// AWS account with a specified permission set.
+//
+// The term principal here refers to a user or group that is defined in AWS
+// SSO.
+type AccountAssignment struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier of the AWS account.
+ AccountId *string `type:"string"`
+
+ // The ARN of the permission set. For more information about ARNs, see Amazon
+ // Resource Names (ARNs) and AWS Service Namespaces (/general/latest/gr/aws-arns-and-namespaces.html)
+ // in the AWS General Reference.
+ PermissionSetArn *string `min:"10" type:"string"`
+
+ // The identifier of the principal.
+ PrincipalId *string `min:"1" type:"string"`
+
+ // The entity type for which the assignment will be created.
+ PrincipalType *string `type:"string" enum:"PrincipalType"`
+}
+
+// String returns the string representation
+func (s AccountAssignment) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AccountAssignment) GoString() string {
+ return s.String()
+}
+
+// SetAccountId sets the AccountId field's value.
+func (s *AccountAssignment) SetAccountId(v string) *AccountAssignment {
+ s.AccountId = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *AccountAssignment) SetPermissionSetArn(v string) *AccountAssignment {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetPrincipalId sets the PrincipalId field's value.
+func (s *AccountAssignment) SetPrincipalId(v string) *AccountAssignment {
+ s.PrincipalId = &v
+ return s
+}
+
+// SetPrincipalType sets the PrincipalType field's value.
+func (s *AccountAssignment) SetPrincipalType(v string) *AccountAssignment {
+ s.PrincipalType = &v
+ return s
+}
+
+// The status of the creation or deletion operation of an assignment that a
+// principal needs to access an account.
+type AccountAssignmentOperationStatus struct {
+ _ struct{} `type:"structure"`
+
+ // The date that the permission set was created.
+ CreatedDate *time.Time `type:"timestamp"`
+
+ // The message that contains an error or exception in case of an operation failure.
+ FailureReason *string `type:"string"`
+
+ // The ARN of the permission set. For more information about ARNs, see Amazon
+ // Resource Names (ARNs) and AWS Service Namespaces (/general/latest/gr/aws-arns-and-namespaces.html)
+ // in the AWS General Reference.
+ PermissionSetArn *string `min:"10" type:"string"`
+
+ // The identifier of the principal.
+ PrincipalId *string `min:"1" type:"string"`
+
+ // The entity type for which the assignment will be created.
+ PrincipalType *string `type:"string" enum:"PrincipalType"`
+
+ // The identifier for tracking the request operation that is generated by the
+ // universally unique identifier (UUID) workflow.
+ RequestId *string `type:"string"`
+
+ // The status of the permission set provisioning process.
+ Status *string `type:"string" enum:"StatusValues"`
+
+ // The identifier for the chosen target.
+ TargetId *string `type:"string"`
+
+ // The entity type for which the assignment will be created.
+ TargetType *string `type:"string" enum:"TargetType"`
+}
+
+// String returns the string representation
+func (s AccountAssignmentOperationStatus) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AccountAssignmentOperationStatus) GoString() string {
+ return s.String()
+}
+
+// SetCreatedDate sets the CreatedDate field's value.
+func (s *AccountAssignmentOperationStatus) SetCreatedDate(v time.Time) *AccountAssignmentOperationStatus {
+ s.CreatedDate = &v
+ return s
+}
+
+// SetFailureReason sets the FailureReason field's value.
+func (s *AccountAssignmentOperationStatus) SetFailureReason(v string) *AccountAssignmentOperationStatus {
+ s.FailureReason = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *AccountAssignmentOperationStatus) SetPermissionSetArn(v string) *AccountAssignmentOperationStatus {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetPrincipalId sets the PrincipalId field's value.
+func (s *AccountAssignmentOperationStatus) SetPrincipalId(v string) *AccountAssignmentOperationStatus {
+ s.PrincipalId = &v
+ return s
+}
+
+// SetPrincipalType sets the PrincipalType field's value.
+func (s *AccountAssignmentOperationStatus) SetPrincipalType(v string) *AccountAssignmentOperationStatus {
+ s.PrincipalType = &v
+ return s
+}
+
+// SetRequestId sets the RequestId field's value.
+func (s *AccountAssignmentOperationStatus) SetRequestId(v string) *AccountAssignmentOperationStatus {
+ s.RequestId = &v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *AccountAssignmentOperationStatus) SetStatus(v string) *AccountAssignmentOperationStatus {
+ s.Status = &v
+ return s
+}
+
+// SetTargetId sets the TargetId field's value.
+func (s *AccountAssignmentOperationStatus) SetTargetId(v string) *AccountAssignmentOperationStatus {
+ s.TargetId = &v
+ return s
+}
+
+// SetTargetType sets the TargetType field's value.
+func (s *AccountAssignmentOperationStatus) SetTargetType(v string) *AccountAssignmentOperationStatus {
+ s.TargetType = &v
+ return s
+}
+
+// Provides information about the AccountAssignment creation request.
+type AccountAssignmentOperationStatusMetadata struct {
+ _ struct{} `type:"structure"`
+
+ // The date that the permission set was created.
+ CreatedDate *time.Time `type:"timestamp"`
+
+ // The identifier for tracking the request operation that is generated by the
+ // universally unique identifier (UUID) workflow.
+ RequestId *string `type:"string"`
+
+ // The status of the permission set provisioning process.
+ Status *string `type:"string" enum:"StatusValues"`
+}
+
+// String returns the string representation
+func (s AccountAssignmentOperationStatusMetadata) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AccountAssignmentOperationStatusMetadata) GoString() string {
+ return s.String()
+}
+
+// SetCreatedDate sets the CreatedDate field's value.
+func (s *AccountAssignmentOperationStatusMetadata) SetCreatedDate(v time.Time) *AccountAssignmentOperationStatusMetadata {
+ s.CreatedDate = &v
+ return s
+}
+
+// SetRequestId sets the RequestId field's value.
+func (s *AccountAssignmentOperationStatusMetadata) SetRequestId(v string) *AccountAssignmentOperationStatusMetadata {
+ s.RequestId = &v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *AccountAssignmentOperationStatusMetadata) SetStatus(v string) *AccountAssignmentOperationStatusMetadata {
+ s.Status = &v
+ return s
+}
+
+type AttachManagedPolicyToPermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The IAM managed policy ARN to be attached to a permission set.
+ //
+ // ManagedPolicyArn is a required field
+ ManagedPolicyArn *string `min:"20" type:"string" required:"true"`
+
+ // The ARN of the PermissionSet that the managed policy should be attached to.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s AttachManagedPolicyToPermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AttachManagedPolicyToPermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *AttachManagedPolicyToPermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "AttachManagedPolicyToPermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.ManagedPolicyArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("ManagedPolicyArn"))
+ }
+ if s.ManagedPolicyArn != nil && len(*s.ManagedPolicyArn) < 20 {
+ invalidParams.Add(request.NewErrParamMinLen("ManagedPolicyArn", 20))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *AttachManagedPolicyToPermissionSetInput) SetInstanceArn(v string) *AttachManagedPolicyToPermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetManagedPolicyArn sets the ManagedPolicyArn field's value.
+func (s *AttachManagedPolicyToPermissionSetInput) SetManagedPolicyArn(v string) *AttachManagedPolicyToPermissionSetInput {
+ s.ManagedPolicyArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *AttachManagedPolicyToPermissionSetInput) SetPermissionSetArn(v string) *AttachManagedPolicyToPermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type AttachManagedPolicyToPermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s AttachManagedPolicyToPermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AttachManagedPolicyToPermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// A structure that stores the details of the IAM managed policy.
+type AttachedManagedPolicy struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the IAM managed policy. For more information about ARNs, see Amazon
+ // Resource Names (ARNs) and AWS Service Namespaces (/general/latest/gr/aws-arns-and-namespaces.html)
+ // in the AWS General Reference.
+ Arn *string `min:"20" type:"string"`
+
+ // The name of the IAM managed policy.
+ Name *string `min:"1" type:"string"`
+}
+
+// String returns the string representation
+func (s AttachedManagedPolicy) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AttachedManagedPolicy) GoString() string {
+ return s.String()
+}
+
+// SetArn sets the Arn field's value.
+func (s *AttachedManagedPolicy) SetArn(v string) *AttachedManagedPolicy {
+ s.Arn = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *AttachedManagedPolicy) SetName(v string) *AttachedManagedPolicy {
+ s.Name = &v
+ return s
+}
+
+// Occurs when a conflict with a previous successful write is detected. This
+// generally occurs when the previous write did not have time to propagate to
+// the host serving the current request. A retry (with appropriate backoff logic)
+// is the recommended response to this exception.
+type ConflictException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation
+func (s ConflictException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ConflictException) GoString() string {
+ return s.String()
+}
+
+func newErrorConflictException(v protocol.ResponseMetadata) error {
+ return &ConflictException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ConflictException) Code() string {
+ return "ConflictException"
+}
+
+// Message returns the exception's message.
+func (s *ConflictException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ConflictException) OrigErr() error {
+ return nil
+}
+
+func (s *ConflictException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ConflictException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ConflictException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+type CreateAccountAssignmentInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set that the admin wants to grant the principal
+ // access to.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+
+ // The identifier of the principal.
+ //
+ // PrincipalId is a required field
+ PrincipalId *string `min:"1" type:"string" required:"true"`
+
+ // The entity type for which the assignment will be created.
+ //
+ // PrincipalType is a required field
+ PrincipalType *string `type:"string" required:"true" enum:"PrincipalType"`
+
+ // The identifier for the chosen target.
+ //
+ // TargetId is a required field
+ TargetId *string `type:"string" required:"true"`
+
+ // The entity type for which the assignment will be created.
+ //
+ // TargetType is a required field
+ TargetType *string `type:"string" required:"true" enum:"TargetType"`
+}
+
+// String returns the string representation
+func (s CreateAccountAssignmentInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateAccountAssignmentInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *CreateAccountAssignmentInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "CreateAccountAssignmentInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+ if s.PrincipalId == nil {
+ invalidParams.Add(request.NewErrParamRequired("PrincipalId"))
+ }
+ if s.PrincipalId != nil && len(*s.PrincipalId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("PrincipalId", 1))
+ }
+ if s.PrincipalType == nil {
+ invalidParams.Add(request.NewErrParamRequired("PrincipalType"))
+ }
+ if s.TargetId == nil {
+ invalidParams.Add(request.NewErrParamRequired("TargetId"))
+ }
+ if s.TargetType == nil {
+ invalidParams.Add(request.NewErrParamRequired("TargetType"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *CreateAccountAssignmentInput) SetInstanceArn(v string) *CreateAccountAssignmentInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *CreateAccountAssignmentInput) SetPermissionSetArn(v string) *CreateAccountAssignmentInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetPrincipalId sets the PrincipalId field's value.
+func (s *CreateAccountAssignmentInput) SetPrincipalId(v string) *CreateAccountAssignmentInput {
+ s.PrincipalId = &v
+ return s
+}
+
+// SetPrincipalType sets the PrincipalType field's value.
+func (s *CreateAccountAssignmentInput) SetPrincipalType(v string) *CreateAccountAssignmentInput {
+ s.PrincipalType = &v
+ return s
+}
+
+// SetTargetId sets the TargetId field's value.
+func (s *CreateAccountAssignmentInput) SetTargetId(v string) *CreateAccountAssignmentInput {
+ s.TargetId = &v
+ return s
+}
+
+// SetTargetType sets the TargetType field's value.
+func (s *CreateAccountAssignmentInput) SetTargetType(v string) *CreateAccountAssignmentInput {
+ s.TargetType = &v
+ return s
+}
+
+type CreateAccountAssignmentOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The status object for the account assignment creation operation.
+ AccountAssignmentCreationStatus *AccountAssignmentOperationStatus `type:"structure"`
+}
+
+// String returns the string representation
+func (s CreateAccountAssignmentOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateAccountAssignmentOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccountAssignmentCreationStatus sets the AccountAssignmentCreationStatus field's value.
+func (s *CreateAccountAssignmentOutput) SetAccountAssignmentCreationStatus(v *AccountAssignmentOperationStatus) *CreateAccountAssignmentOutput {
+ s.AccountAssignmentCreationStatus = v
+ return s
+}
+
+type CreatePermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The description of the PermissionSet.
+ Description *string `min:"1" type:"string"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The name of the PermissionSet.
+ //
+ // Name is a required field
+ Name *string `min:"1" type:"string" required:"true"`
+
+ // Used to redirect users within the application during the federation authentication
+ // process.
+ RelayState *string `min:"1" type:"string"`
+
+ // The length of time that the application user sessions are valid in the ISO-8601
+ // standard.
+ SessionDuration *string `min:"1" type:"string"`
+
+ // The tags to attach to the new PermissionSet.
+ Tags []*Tag `type:"list"`
+}
+
+// String returns the string representation
+func (s CreatePermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreatePermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *CreatePermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "CreatePermissionSetInput"}
+ if s.Description != nil && len(*s.Description) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Description", 1))
+ }
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
+ }
+ if s.Name != nil && len(*s.Name) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Name", 1))
+ }
+ if s.RelayState != nil && len(*s.RelayState) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("RelayState", 1))
+ }
+ if s.SessionDuration != nil && len(*s.SessionDuration) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("SessionDuration", 1))
+ }
+ if s.Tags != nil {
+ for i, v := range s.Tags {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetDescription sets the Description field's value.
+func (s *CreatePermissionSetInput) SetDescription(v string) *CreatePermissionSetInput {
+ s.Description = &v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *CreatePermissionSetInput) SetInstanceArn(v string) *CreatePermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *CreatePermissionSetInput) SetName(v string) *CreatePermissionSetInput {
+ s.Name = &v
+ return s
+}
+
+// SetRelayState sets the RelayState field's value.
+func (s *CreatePermissionSetInput) SetRelayState(v string) *CreatePermissionSetInput {
+ s.RelayState = &v
+ return s
+}
+
+// SetSessionDuration sets the SessionDuration field's value.
+func (s *CreatePermissionSetInput) SetSessionDuration(v string) *CreatePermissionSetInput {
+ s.SessionDuration = &v
+ return s
+}
+
+// SetTags sets the Tags field's value.
+func (s *CreatePermissionSetInput) SetTags(v []*Tag) *CreatePermissionSetInput {
+ s.Tags = v
+ return s
+}
+
+type CreatePermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+
+ // Defines the level of access on an AWS account.
+ PermissionSet *PermissionSet `type:"structure"`
+}
+
+// String returns the string representation
+func (s CreatePermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreatePermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// SetPermissionSet sets the PermissionSet field's value.
+func (s *CreatePermissionSetOutput) SetPermissionSet(v *PermissionSet) *CreatePermissionSetOutput {
+ s.PermissionSet = v
+ return s
+}
+
+type DeleteAccountAssignmentInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set that will be used to remove access.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+
+ // The identifier of the principal.
+ //
+ // PrincipalId is a required field
+ PrincipalId *string `min:"1" type:"string" required:"true"`
+
+ // The entity type for which the assignment will be deleted.
+ //
+ // PrincipalType is a required field
+ PrincipalType *string `type:"string" required:"true" enum:"PrincipalType"`
+
+ // The identifier for the chosen target.
+ //
+ // TargetId is a required field
+ TargetId *string `type:"string" required:"true"`
+
+ // The entity type for which the assignment will be deleted.
+ //
+ // TargetType is a required field
+ TargetType *string `type:"string" required:"true" enum:"TargetType"`
+}
+
+// String returns the string representation
+func (s DeleteAccountAssignmentInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteAccountAssignmentInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DeleteAccountAssignmentInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DeleteAccountAssignmentInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+ if s.PrincipalId == nil {
+ invalidParams.Add(request.NewErrParamRequired("PrincipalId"))
+ }
+ if s.PrincipalId != nil && len(*s.PrincipalId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("PrincipalId", 1))
+ }
+ if s.PrincipalType == nil {
+ invalidParams.Add(request.NewErrParamRequired("PrincipalType"))
+ }
+ if s.TargetId == nil {
+ invalidParams.Add(request.NewErrParamRequired("TargetId"))
+ }
+ if s.TargetType == nil {
+ invalidParams.Add(request.NewErrParamRequired("TargetType"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *DeleteAccountAssignmentInput) SetInstanceArn(v string) *DeleteAccountAssignmentInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *DeleteAccountAssignmentInput) SetPermissionSetArn(v string) *DeleteAccountAssignmentInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetPrincipalId sets the PrincipalId field's value.
+func (s *DeleteAccountAssignmentInput) SetPrincipalId(v string) *DeleteAccountAssignmentInput {
+ s.PrincipalId = &v
+ return s
+}
+
+// SetPrincipalType sets the PrincipalType field's value.
+func (s *DeleteAccountAssignmentInput) SetPrincipalType(v string) *DeleteAccountAssignmentInput {
+ s.PrincipalType = &v
+ return s
+}
+
+// SetTargetId sets the TargetId field's value.
+func (s *DeleteAccountAssignmentInput) SetTargetId(v string) *DeleteAccountAssignmentInput {
+ s.TargetId = &v
+ return s
+}
+
+// SetTargetType sets the TargetType field's value.
+func (s *DeleteAccountAssignmentInput) SetTargetType(v string) *DeleteAccountAssignmentInput {
+ s.TargetType = &v
+ return s
+}
+
+type DeleteAccountAssignmentOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The status object for the account assignment deletion operation.
+ AccountAssignmentDeletionStatus *AccountAssignmentOperationStatus `type:"structure"`
+}
+
+// String returns the string representation
+func (s DeleteAccountAssignmentOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteAccountAssignmentOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccountAssignmentDeletionStatus sets the AccountAssignmentDeletionStatus field's value.
+func (s *DeleteAccountAssignmentOutput) SetAccountAssignmentDeletionStatus(v *AccountAssignmentOperationStatus) *DeleteAccountAssignmentOutput {
+ s.AccountAssignmentDeletionStatus = v
+ return s
+}
+
+type DeleteInlinePolicyFromPermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set that will be used to remove access.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DeleteInlinePolicyFromPermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteInlinePolicyFromPermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DeleteInlinePolicyFromPermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DeleteInlinePolicyFromPermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *DeleteInlinePolicyFromPermissionSetInput) SetInstanceArn(v string) *DeleteInlinePolicyFromPermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *DeleteInlinePolicyFromPermissionSetInput) SetPermissionSetArn(v string) *DeleteInlinePolicyFromPermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type DeleteInlinePolicyFromPermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s DeleteInlinePolicyFromPermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteInlinePolicyFromPermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+type DeletePermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set that should be deleted.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DeletePermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeletePermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DeletePermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DeletePermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *DeletePermissionSetInput) SetInstanceArn(v string) *DeletePermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *DeletePermissionSetInput) SetPermissionSetArn(v string) *DeletePermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type DeletePermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s DeletePermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeletePermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+type DescribeAccountAssignmentCreationStatusInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier that is used to track the request operation progress.
+ //
+ // AccountAssignmentCreationRequestId is a required field
+ AccountAssignmentCreationRequestId *string `type:"string" required:"true"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DescribeAccountAssignmentCreationStatusInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeAccountAssignmentCreationStatusInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DescribeAccountAssignmentCreationStatusInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribeAccountAssignmentCreationStatusInput"}
+ if s.AccountAssignmentCreationRequestId == nil {
+ invalidParams.Add(request.NewErrParamRequired("AccountAssignmentCreationRequestId"))
+ }
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAccountAssignmentCreationRequestId sets the AccountAssignmentCreationRequestId field's value.
+func (s *DescribeAccountAssignmentCreationStatusInput) SetAccountAssignmentCreationRequestId(v string) *DescribeAccountAssignmentCreationStatusInput {
+ s.AccountAssignmentCreationRequestId = &v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *DescribeAccountAssignmentCreationStatusInput) SetInstanceArn(v string) *DescribeAccountAssignmentCreationStatusInput {
+ s.InstanceArn = &v
+ return s
+}
+
+type DescribeAccountAssignmentCreationStatusOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The status object for the account assignment creation operation.
+ AccountAssignmentCreationStatus *AccountAssignmentOperationStatus `type:"structure"`
+}
+
+// String returns the string representation
+func (s DescribeAccountAssignmentCreationStatusOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeAccountAssignmentCreationStatusOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccountAssignmentCreationStatus sets the AccountAssignmentCreationStatus field's value.
+func (s *DescribeAccountAssignmentCreationStatusOutput) SetAccountAssignmentCreationStatus(v *AccountAssignmentOperationStatus) *DescribeAccountAssignmentCreationStatusOutput {
+ s.AccountAssignmentCreationStatus = v
+ return s
+}
+
+type DescribeAccountAssignmentDeletionStatusInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier that is used to track the request operation progress.
+ //
+ // AccountAssignmentDeletionRequestId is a required field
+ AccountAssignmentDeletionRequestId *string `type:"string" required:"true"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DescribeAccountAssignmentDeletionStatusInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeAccountAssignmentDeletionStatusInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DescribeAccountAssignmentDeletionStatusInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribeAccountAssignmentDeletionStatusInput"}
+ if s.AccountAssignmentDeletionRequestId == nil {
+ invalidParams.Add(request.NewErrParamRequired("AccountAssignmentDeletionRequestId"))
+ }
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAccountAssignmentDeletionRequestId sets the AccountAssignmentDeletionRequestId field's value.
+func (s *DescribeAccountAssignmentDeletionStatusInput) SetAccountAssignmentDeletionRequestId(v string) *DescribeAccountAssignmentDeletionStatusInput {
+ s.AccountAssignmentDeletionRequestId = &v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *DescribeAccountAssignmentDeletionStatusInput) SetInstanceArn(v string) *DescribeAccountAssignmentDeletionStatusInput {
+ s.InstanceArn = &v
+ return s
+}
+
+type DescribeAccountAssignmentDeletionStatusOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The status object for the account assignment deletion operation.
+ AccountAssignmentDeletionStatus *AccountAssignmentOperationStatus `type:"structure"`
+}
+
+// String returns the string representation
+func (s DescribeAccountAssignmentDeletionStatusOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribeAccountAssignmentDeletionStatusOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccountAssignmentDeletionStatus sets the AccountAssignmentDeletionStatus field's value.
+func (s *DescribeAccountAssignmentDeletionStatusOutput) SetAccountAssignmentDeletionStatus(v *AccountAssignmentOperationStatus) *DescribeAccountAssignmentDeletionStatusOutput {
+ s.AccountAssignmentDeletionStatus = v
+ return s
+}
+
+type DescribePermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DescribePermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribePermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DescribePermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribePermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *DescribePermissionSetInput) SetInstanceArn(v string) *DescribePermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *DescribePermissionSetInput) SetPermissionSetArn(v string) *DescribePermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type DescribePermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+
+ // Describes the level of access on an AWS account.
+ PermissionSet *PermissionSet `type:"structure"`
+}
+
+// String returns the string representation
+func (s DescribePermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribePermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// SetPermissionSet sets the PermissionSet field's value.
+func (s *DescribePermissionSetOutput) SetPermissionSet(v *PermissionSet) *DescribePermissionSetOutput {
+ s.PermissionSet = v
+ return s
+}
+
+type DescribePermissionSetProvisioningStatusInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The identifier that is provided by the ProvisionPermissionSet call to retrieve
+ // the current status of the provisioning workflow.
+ //
+ // ProvisionPermissionSetRequestId is a required field
+ ProvisionPermissionSetRequestId *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DescribePermissionSetProvisioningStatusInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribePermissionSetProvisioningStatusInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DescribePermissionSetProvisioningStatusInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribePermissionSetProvisioningStatusInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.ProvisionPermissionSetRequestId == nil {
+ invalidParams.Add(request.NewErrParamRequired("ProvisionPermissionSetRequestId"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *DescribePermissionSetProvisioningStatusInput) SetInstanceArn(v string) *DescribePermissionSetProvisioningStatusInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetProvisionPermissionSetRequestId sets the ProvisionPermissionSetRequestId field's value.
+func (s *DescribePermissionSetProvisioningStatusInput) SetProvisionPermissionSetRequestId(v string) *DescribePermissionSetProvisioningStatusInput {
+ s.ProvisionPermissionSetRequestId = &v
+ return s
+}
+
+type DescribePermissionSetProvisioningStatusOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The status object for the permission set provisioning operation.
+ PermissionSetProvisioningStatus *PermissionSetProvisioningStatus `type:"structure"`
+}
+
+// String returns the string representation
+func (s DescribePermissionSetProvisioningStatusOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DescribePermissionSetProvisioningStatusOutput) GoString() string {
+ return s.String()
+}
+
+// SetPermissionSetProvisioningStatus sets the PermissionSetProvisioningStatus field's value.
+func (s *DescribePermissionSetProvisioningStatusOutput) SetPermissionSetProvisioningStatus(v *PermissionSetProvisioningStatus) *DescribePermissionSetProvisioningStatusOutput {
+ s.PermissionSetProvisioningStatus = v
+ return s
+}
+
+type DetachManagedPolicyFromPermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The IAM managed policy ARN to be attached to a permission set.
+ //
+ // ManagedPolicyArn is a required field
+ ManagedPolicyArn *string `min:"20" type:"string" required:"true"`
+
+ // The ARN of the PermissionSet from which the policy should be detached.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DetachManagedPolicyFromPermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DetachManagedPolicyFromPermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DetachManagedPolicyFromPermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DetachManagedPolicyFromPermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.ManagedPolicyArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("ManagedPolicyArn"))
+ }
+ if s.ManagedPolicyArn != nil && len(*s.ManagedPolicyArn) < 20 {
+ invalidParams.Add(request.NewErrParamMinLen("ManagedPolicyArn", 20))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *DetachManagedPolicyFromPermissionSetInput) SetInstanceArn(v string) *DetachManagedPolicyFromPermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetManagedPolicyArn sets the ManagedPolicyArn field's value.
+func (s *DetachManagedPolicyFromPermissionSetInput) SetManagedPolicyArn(v string) *DetachManagedPolicyFromPermissionSetInput {
+ s.ManagedPolicyArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *DetachManagedPolicyFromPermissionSetInput) SetPermissionSetArn(v string) *DetachManagedPolicyFromPermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type DetachManagedPolicyFromPermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s DetachManagedPolicyFromPermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DetachManagedPolicyFromPermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+type GetInlinePolicyForPermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s GetInlinePolicyForPermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetInlinePolicyForPermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetInlinePolicyForPermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "GetInlinePolicyForPermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *GetInlinePolicyForPermissionSetInput) SetInstanceArn(v string) *GetInlinePolicyForPermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *GetInlinePolicyForPermissionSetInput) SetPermissionSetArn(v string) *GetInlinePolicyForPermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type GetInlinePolicyForPermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The IAM inline policy that is attached to the permission set.
+ InlinePolicy *string `min:"1" type:"string" sensitive:"true"`
+}
+
+// String returns the string representation
+func (s GetInlinePolicyForPermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetInlinePolicyForPermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// SetInlinePolicy sets the InlinePolicy field's value.
+func (s *GetInlinePolicyForPermissionSetOutput) SetInlinePolicy(v string) *GetInlinePolicyForPermissionSetOutput {
+ s.InlinePolicy = &v
+ return s
+}
+
+// Provides information about the SSO instance.
+type InstanceMetadata struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier of the identity store that is connected to the SSO instance.
+ IdentityStoreId *string `min:"1" type:"string"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ InstanceArn *string `min:"10" type:"string"`
+}
+
+// String returns the string representation
+func (s InstanceMetadata) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s InstanceMetadata) GoString() string {
+ return s.String()
+}
+
+// SetIdentityStoreId sets the IdentityStoreId field's value.
+func (s *InstanceMetadata) SetIdentityStoreId(v string) *InstanceMetadata {
+ s.IdentityStoreId = &v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *InstanceMetadata) SetInstanceArn(v string) *InstanceMetadata {
+ s.InstanceArn = &v
+ return s
+}
+
+// The request processing has failed because of an unknown error, exception,
+// or failure with an internal server.
+type InternalServerException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation
+func (s InternalServerException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s InternalServerException) GoString() string {
+ return s.String()
+}
+
+func newErrorInternalServerException(v protocol.ResponseMetadata) error {
+ return &InternalServerException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InternalServerException) Code() string {
+ return "InternalServerException"
+}
+
+// Message returns the exception's message.
+func (s *InternalServerException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InternalServerException) OrigErr() error {
+ return nil
+}
+
+func (s *InternalServerException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InternalServerException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InternalServerException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+type ListAccountAssignmentCreationStatusInput struct {
+ _ struct{} `type:"structure"`
+
+ // Filters results based on the passed attribute value.
+ Filter *OperationStatusFilter `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The maximum number of results to display for the assignment.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListAccountAssignmentCreationStatusInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListAccountAssignmentCreationStatusInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListAccountAssignmentCreationStatusInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListAccountAssignmentCreationStatusInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetFilter sets the Filter field's value.
+func (s *ListAccountAssignmentCreationStatusInput) SetFilter(v *OperationStatusFilter) *ListAccountAssignmentCreationStatusInput {
+ s.Filter = v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListAccountAssignmentCreationStatusInput) SetInstanceArn(v string) *ListAccountAssignmentCreationStatusInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListAccountAssignmentCreationStatusInput) SetMaxResults(v int64) *ListAccountAssignmentCreationStatusInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListAccountAssignmentCreationStatusInput) SetNextToken(v string) *ListAccountAssignmentCreationStatusInput {
+ s.NextToken = &v
+ return s
+}
+
+type ListAccountAssignmentCreationStatusOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The status object for the account assignment creation operation.
+ AccountAssignmentsCreationStatus []*AccountAssignmentOperationStatusMetadata `type:"list"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListAccountAssignmentCreationStatusOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListAccountAssignmentCreationStatusOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccountAssignmentsCreationStatus sets the AccountAssignmentsCreationStatus field's value.
+func (s *ListAccountAssignmentCreationStatusOutput) SetAccountAssignmentsCreationStatus(v []*AccountAssignmentOperationStatusMetadata) *ListAccountAssignmentCreationStatusOutput {
+ s.AccountAssignmentsCreationStatus = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListAccountAssignmentCreationStatusOutput) SetNextToken(v string) *ListAccountAssignmentCreationStatusOutput {
+ s.NextToken = &v
+ return s
+}
+
+type ListAccountAssignmentDeletionStatusInput struct {
+ _ struct{} `type:"structure"`
+
+ // Filters results based on the passed attribute value.
+ Filter *OperationStatusFilter `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The maximum number of results to display for the assignment.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListAccountAssignmentDeletionStatusInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListAccountAssignmentDeletionStatusInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListAccountAssignmentDeletionStatusInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListAccountAssignmentDeletionStatusInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetFilter sets the Filter field's value.
+func (s *ListAccountAssignmentDeletionStatusInput) SetFilter(v *OperationStatusFilter) *ListAccountAssignmentDeletionStatusInput {
+ s.Filter = v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListAccountAssignmentDeletionStatusInput) SetInstanceArn(v string) *ListAccountAssignmentDeletionStatusInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListAccountAssignmentDeletionStatusInput) SetMaxResults(v int64) *ListAccountAssignmentDeletionStatusInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListAccountAssignmentDeletionStatusInput) SetNextToken(v string) *ListAccountAssignmentDeletionStatusInput {
+ s.NextToken = &v
+ return s
+}
+
+type ListAccountAssignmentDeletionStatusOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The status object for the account assignment deletion operation.
+ AccountAssignmentsDeletionStatus []*AccountAssignmentOperationStatusMetadata `type:"list"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListAccountAssignmentDeletionStatusOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListAccountAssignmentDeletionStatusOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccountAssignmentsDeletionStatus sets the AccountAssignmentsDeletionStatus field's value.
+func (s *ListAccountAssignmentDeletionStatusOutput) SetAccountAssignmentsDeletionStatus(v []*AccountAssignmentOperationStatusMetadata) *ListAccountAssignmentDeletionStatusOutput {
+ s.AccountAssignmentsDeletionStatus = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListAccountAssignmentDeletionStatusOutput) SetNextToken(v string) *ListAccountAssignmentDeletionStatusOutput {
+ s.NextToken = &v
+ return s
+}
+
+type ListAccountAssignmentsInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier of the AWS account from which to list the assignments.
+ //
+ // AccountId is a required field
+ AccountId *string `type:"string" required:"true"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The maximum number of results to display for the assignment.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // The ARN of the permission set from which to list assignments.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s ListAccountAssignmentsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListAccountAssignmentsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListAccountAssignmentsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListAccountAssignmentsInput"}
+ if s.AccountId == nil {
+ invalidParams.Add(request.NewErrParamRequired("AccountId"))
+ }
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAccountId sets the AccountId field's value.
+func (s *ListAccountAssignmentsInput) SetAccountId(v string) *ListAccountAssignmentsInput {
+ s.AccountId = &v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListAccountAssignmentsInput) SetInstanceArn(v string) *ListAccountAssignmentsInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListAccountAssignmentsInput) SetMaxResults(v int64) *ListAccountAssignmentsInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListAccountAssignmentsInput) SetNextToken(v string) *ListAccountAssignmentsInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *ListAccountAssignmentsInput) SetPermissionSetArn(v string) *ListAccountAssignmentsInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type ListAccountAssignmentsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The list of assignments that match the input AWS account and permission set.
+ AccountAssignments []*AccountAssignment `type:"list"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListAccountAssignmentsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListAccountAssignmentsOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccountAssignments sets the AccountAssignments field's value.
+func (s *ListAccountAssignmentsOutput) SetAccountAssignments(v []*AccountAssignment) *ListAccountAssignmentsOutput {
+ s.AccountAssignments = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListAccountAssignmentsOutput) SetNextToken(v string) *ListAccountAssignmentsOutput {
+ s.NextToken = &v
+ return s
+}
+
+type ListAccountsForProvisionedPermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The maximum number of results to display for the PermissionSet.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // The ARN of the PermissionSet from which the associated AWS accounts will
+ // be listed.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+
+ // The permission set provisioning status for an AWS account.
+ ProvisioningStatus *string `type:"string" enum:"ProvisioningStatus"`
+}
+
+// String returns the string representation
+func (s ListAccountsForProvisionedPermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListAccountsForProvisionedPermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListAccountsForProvisionedPermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListAccountsForProvisionedPermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListAccountsForProvisionedPermissionSetInput) SetInstanceArn(v string) *ListAccountsForProvisionedPermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListAccountsForProvisionedPermissionSetInput) SetMaxResults(v int64) *ListAccountsForProvisionedPermissionSetInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListAccountsForProvisionedPermissionSetInput) SetNextToken(v string) *ListAccountsForProvisionedPermissionSetInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *ListAccountsForProvisionedPermissionSetInput) SetPermissionSetArn(v string) *ListAccountsForProvisionedPermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetProvisioningStatus sets the ProvisioningStatus field's value.
+func (s *ListAccountsForProvisionedPermissionSetInput) SetProvisioningStatus(v string) *ListAccountsForProvisionedPermissionSetInput {
+ s.ProvisioningStatus = &v
+ return s
+}
+
+type ListAccountsForProvisionedPermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The list of AWS AccountIds.
+ AccountIds []*string `type:"list"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListAccountsForProvisionedPermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListAccountsForProvisionedPermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccountIds sets the AccountIds field's value.
+func (s *ListAccountsForProvisionedPermissionSetOutput) SetAccountIds(v []*string) *ListAccountsForProvisionedPermissionSetOutput {
+ s.AccountIds = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListAccountsForProvisionedPermissionSetOutput) SetNextToken(v string) *ListAccountsForProvisionedPermissionSetOutput {
+ s.NextToken = &v
+ return s
+}
+
+type ListInstancesInput struct {
+ _ struct{} `type:"structure"`
+
+ // The maximum number of results to display for the instance.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListInstancesInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListInstancesInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListInstancesInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListInstancesInput"}
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListInstancesInput) SetMaxResults(v int64) *ListInstancesInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListInstancesInput) SetNextToken(v string) *ListInstancesInput {
+ s.NextToken = &v
+ return s
+}
+
+type ListInstancesOutput struct {
+ _ struct{} `type:"structure"`
+
+ // Lists the SSO instances that the caller has access to.
+ Instances []*InstanceMetadata `type:"list"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListInstancesOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListInstancesOutput) GoString() string {
+ return s.String()
+}
+
+// SetInstances sets the Instances field's value.
+func (s *ListInstancesOutput) SetInstances(v []*InstanceMetadata) *ListInstancesOutput {
+ s.Instances = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListInstancesOutput) SetNextToken(v string) *ListInstancesOutput {
+ s.NextToken = &v
+ return s
+}
+
+type ListManagedPoliciesInPermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The maximum number of results to display for the PermissionSet.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // The ARN of the PermissionSet whose managed policies will be listed.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s ListManagedPoliciesInPermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListManagedPoliciesInPermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListManagedPoliciesInPermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListManagedPoliciesInPermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListManagedPoliciesInPermissionSetInput) SetInstanceArn(v string) *ListManagedPoliciesInPermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListManagedPoliciesInPermissionSetInput) SetMaxResults(v int64) *ListManagedPoliciesInPermissionSetInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListManagedPoliciesInPermissionSetInput) SetNextToken(v string) *ListManagedPoliciesInPermissionSetInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *ListManagedPoliciesInPermissionSetInput) SetPermissionSetArn(v string) *ListManagedPoliciesInPermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type ListManagedPoliciesInPermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The array of the AttachedManagedPolicy data type object.
+ AttachedManagedPolicies []*AttachedManagedPolicy `type:"list"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListManagedPoliciesInPermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListManagedPoliciesInPermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
+func (s *ListManagedPoliciesInPermissionSetOutput) SetAttachedManagedPolicies(v []*AttachedManagedPolicy) *ListManagedPoliciesInPermissionSetOutput {
+ s.AttachedManagedPolicies = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListManagedPoliciesInPermissionSetOutput) SetNextToken(v string) *ListManagedPoliciesInPermissionSetOutput {
+ s.NextToken = &v
+ return s
+}
+
+type ListPermissionSetProvisioningStatusInput struct {
+ _ struct{} `type:"structure"`
+
+ // Filters results based on the passed attribute value.
+ Filter *OperationStatusFilter `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The maximum number of results to display for the assignment.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListPermissionSetProvisioningStatusInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListPermissionSetProvisioningStatusInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListPermissionSetProvisioningStatusInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListPermissionSetProvisioningStatusInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetFilter sets the Filter field's value.
+func (s *ListPermissionSetProvisioningStatusInput) SetFilter(v *OperationStatusFilter) *ListPermissionSetProvisioningStatusInput {
+ s.Filter = v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListPermissionSetProvisioningStatusInput) SetInstanceArn(v string) *ListPermissionSetProvisioningStatusInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListPermissionSetProvisioningStatusInput) SetMaxResults(v int64) *ListPermissionSetProvisioningStatusInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListPermissionSetProvisioningStatusInput) SetNextToken(v string) *ListPermissionSetProvisioningStatusInput {
+ s.NextToken = &v
+ return s
+}
+
+type ListPermissionSetProvisioningStatusOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // The status object for the permission set provisioning operation.
+ PermissionSetsProvisioningStatus []*PermissionSetProvisioningStatusMetadata `type:"list"`
+}
+
+// String returns the string representation
+func (s ListPermissionSetProvisioningStatusOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListPermissionSetProvisioningStatusOutput) GoString() string {
+ return s.String()
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListPermissionSetProvisioningStatusOutput) SetNextToken(v string) *ListPermissionSetProvisioningStatusOutput {
+ s.NextToken = &v
+ return s
+}
+
+// SetPermissionSetsProvisioningStatus sets the PermissionSetsProvisioningStatus field's value.
+func (s *ListPermissionSetProvisioningStatusOutput) SetPermissionSetsProvisioningStatus(v []*PermissionSetProvisioningStatusMetadata) *ListPermissionSetProvisioningStatusOutput {
+ s.PermissionSetsProvisioningStatus = v
+ return s
+}
+
+type ListPermissionSetsInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The maximum number of results to display for the assignment.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+}
+
+// String returns the string representation
+func (s ListPermissionSetsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListPermissionSetsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListPermissionSetsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListPermissionSetsInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListPermissionSetsInput) SetInstanceArn(v string) *ListPermissionSetsInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListPermissionSetsInput) SetMaxResults(v int64) *ListPermissionSetsInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListPermissionSetsInput) SetNextToken(v string) *ListPermissionSetsInput {
+ s.NextToken = &v
+ return s
+}
+
+type ListPermissionSetsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // Defines the level of access on an AWS account.
+ PermissionSets []*string `type:"list"`
+}
+
+// String returns the string representation
+func (s ListPermissionSetsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListPermissionSetsOutput) GoString() string {
+ return s.String()
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListPermissionSetsOutput) SetNextToken(v string) *ListPermissionSetsOutput {
+ s.NextToken = &v
+ return s
+}
+
+// SetPermissionSets sets the PermissionSets field's value.
+func (s *ListPermissionSetsOutput) SetPermissionSets(v []*string) *ListPermissionSetsOutput {
+ s.PermissionSets = v
+ return s
+}
+
+type ListPermissionSetsProvisionedToAccountInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier of the AWS account from which to list the assignments.
+ //
+ // AccountId is a required field
+ AccountId *string `type:"string" required:"true"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The maximum number of results to display for the assignment.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // The status object for the permission set provisioning operation.
+ ProvisioningStatus *string `type:"string" enum:"ProvisioningStatus"`
+}
+
+// String returns the string representation
+func (s ListPermissionSetsProvisionedToAccountInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListPermissionSetsProvisionedToAccountInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListPermissionSetsProvisionedToAccountInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListPermissionSetsProvisionedToAccountInput"}
+ if s.AccountId == nil {
+ invalidParams.Add(request.NewErrParamRequired("AccountId"))
+ }
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAccountId sets the AccountId field's value.
+func (s *ListPermissionSetsProvisionedToAccountInput) SetAccountId(v string) *ListPermissionSetsProvisionedToAccountInput {
+ s.AccountId = &v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListPermissionSetsProvisionedToAccountInput) SetInstanceArn(v string) *ListPermissionSetsProvisionedToAccountInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListPermissionSetsProvisionedToAccountInput) SetMaxResults(v int64) *ListPermissionSetsProvisionedToAccountInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListPermissionSetsProvisionedToAccountInput) SetNextToken(v string) *ListPermissionSetsProvisionedToAccountInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetProvisioningStatus sets the ProvisioningStatus field's value.
+func (s *ListPermissionSetsProvisionedToAccountInput) SetProvisioningStatus(v string) *ListPermissionSetsProvisionedToAccountInput {
+ s.ProvisioningStatus = &v
+ return s
+}
+
+type ListPermissionSetsProvisionedToAccountOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // Defines the level of access that an AWS account has.
+ PermissionSets []*string `type:"list"`
+}
+
+// String returns the string representation
+func (s ListPermissionSetsProvisionedToAccountOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListPermissionSetsProvisionedToAccountOutput) GoString() string {
+ return s.String()
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListPermissionSetsProvisionedToAccountOutput) SetNextToken(v string) *ListPermissionSetsProvisionedToAccountOutput {
+ s.NextToken = &v
+ return s
+}
+
+// SetPermissionSets sets the PermissionSets field's value.
+func (s *ListPermissionSetsProvisionedToAccountOutput) SetPermissionSets(v []*string) *ListPermissionSetsProvisionedToAccountOutput {
+ s.PermissionSets = v
+ return s
+}
+
+type ListTagsForResourceInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // The ARN of the resource with the tags to be listed.
+ //
+ // ResourceArn is a required field
+ ResourceArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s ListTagsForResourceInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListTagsForResourceInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListTagsForResourceInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.ResourceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
+ }
+ if s.ResourceArn != nil && len(*s.ResourceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ListTagsForResourceInput) SetInstanceArn(v string) *ListTagsForResourceInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListTagsForResourceInput) SetNextToken(v string) *ListTagsForResourceInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetResourceArn sets the ResourceArn field's value.
+func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput {
+ s.ResourceArn = &v
+ return s
+}
+
+type ListTagsForResourceOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The pagination token for the list API. Initially the value is null. Use the
+ // output of previous API calls to make subsequent calls.
+ NextToken *string `type:"string"`
+
+ // A set of key-value pairs that are used to manage the resource.
+ Tags []*Tag `type:"list"`
+}
+
+// String returns the string representation
+func (s ListTagsForResourceOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListTagsForResourceOutput) GoString() string {
+ return s.String()
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListTagsForResourceOutput) SetNextToken(v string) *ListTagsForResourceOutput {
+ s.NextToken = &v
+ return s
+}
+
+// SetTags sets the Tags field's value.
+func (s *ListTagsForResourceOutput) SetTags(v []*Tag) *ListTagsForResourceOutput {
+ s.Tags = v
+ return s
+}
+
+// Filters he operation status list based on the passed attribute value.
+type OperationStatusFilter struct {
+ _ struct{} `type:"structure"`
+
+ // Filters the list operations result based on the status attribute.
+ Status *string `type:"string" enum:"StatusValues"`
+}
+
+// String returns the string representation
+func (s OperationStatusFilter) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s OperationStatusFilter) GoString() string {
+ return s.String()
+}
+
+// SetStatus sets the Status field's value.
+func (s *OperationStatusFilter) SetStatus(v string) *OperationStatusFilter {
+ s.Status = &v
+ return s
+}
+
+// An entity that contains IAM policies.
+type PermissionSet struct {
+ _ struct{} `type:"structure"`
+
+ // The date that the permission set was created.
+ CreatedDate *time.Time `type:"timestamp"`
+
+ // The description of the PermissionSet.
+ Description *string `min:"1" type:"string"`
+
+ // The name of the permission set.
+ Name *string `min:"1" type:"string"`
+
+ // The ARN of the permission set. For more information about ARNs, see Amazon
+ // Resource Names (ARNs) and AWS Service Namespaces (/general/latest/gr/aws-arns-and-namespaces.html)
+ // in the AWS General Reference.
+ PermissionSetArn *string `min:"10" type:"string"`
+
+ // Used to redirect users within the application during the federation authentication
+ // process.
+ RelayState *string `min:"1" type:"string"`
+
+ // The length of time that the application user sessions are valid for in the
+ // ISO-8601 standard.
+ SessionDuration *string `min:"1" type:"string"`
+}
+
+// String returns the string representation
+func (s PermissionSet) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s PermissionSet) GoString() string {
+ return s.String()
+}
+
+// SetCreatedDate sets the CreatedDate field's value.
+func (s *PermissionSet) SetCreatedDate(v time.Time) *PermissionSet {
+ s.CreatedDate = &v
+ return s
+}
+
+// SetDescription sets the Description field's value.
+func (s *PermissionSet) SetDescription(v string) *PermissionSet {
+ s.Description = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *PermissionSet) SetName(v string) *PermissionSet {
+ s.Name = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *PermissionSet) SetPermissionSetArn(v string) *PermissionSet {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetRelayState sets the RelayState field's value.
+func (s *PermissionSet) SetRelayState(v string) *PermissionSet {
+ s.RelayState = &v
+ return s
+}
+
+// SetSessionDuration sets the SessionDuration field's value.
+func (s *PermissionSet) SetSessionDuration(v string) *PermissionSet {
+ s.SessionDuration = &v
+ return s
+}
+
+// A structure that is used to provide the status of the provisioning operation
+// for a specified permission set.
+type PermissionSetProvisioningStatus struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier of the AWS account from which to list the assignments.
+ AccountId *string `type:"string"`
+
+ // The date that the permission set was created.
+ CreatedDate *time.Time `type:"timestamp"`
+
+ // The message that contains an error or exception in case of an operation failure.
+ FailureReason *string `type:"string"`
+
+ // The ARN of the permission set that is being provisioned. For more information
+ // about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces (/general/latest/gr/aws-arns-and-namespaces.html)
+ // in the AWS General Reference.
+ PermissionSetArn *string `min:"10" type:"string"`
+
+ // The identifier for tracking the request operation that is generated by the
+ // universally unique identifier (UUID) workflow.
+ RequestId *string `type:"string"`
+
+ // The status of the permission set provisioning process.
+ Status *string `type:"string" enum:"StatusValues"`
+}
+
+// String returns the string representation
+func (s PermissionSetProvisioningStatus) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s PermissionSetProvisioningStatus) GoString() string {
+ return s.String()
+}
+
+// SetAccountId sets the AccountId field's value.
+func (s *PermissionSetProvisioningStatus) SetAccountId(v string) *PermissionSetProvisioningStatus {
+ s.AccountId = &v
+ return s
+}
+
+// SetCreatedDate sets the CreatedDate field's value.
+func (s *PermissionSetProvisioningStatus) SetCreatedDate(v time.Time) *PermissionSetProvisioningStatus {
+ s.CreatedDate = &v
+ return s
+}
+
+// SetFailureReason sets the FailureReason field's value.
+func (s *PermissionSetProvisioningStatus) SetFailureReason(v string) *PermissionSetProvisioningStatus {
+ s.FailureReason = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *PermissionSetProvisioningStatus) SetPermissionSetArn(v string) *PermissionSetProvisioningStatus {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetRequestId sets the RequestId field's value.
+func (s *PermissionSetProvisioningStatus) SetRequestId(v string) *PermissionSetProvisioningStatus {
+ s.RequestId = &v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *PermissionSetProvisioningStatus) SetStatus(v string) *PermissionSetProvisioningStatus {
+ s.Status = &v
+ return s
+}
+
+// Provides information about the permission set provisioning status.
+type PermissionSetProvisioningStatusMetadata struct {
+ _ struct{} `type:"structure"`
+
+ // The date that the permission set was created.
+ CreatedDate *time.Time `type:"timestamp"`
+
+ // The identifier for tracking the request operation that is generated by the
+ // universally unique identifier (UUID) workflow.
+ RequestId *string `type:"string"`
+
+ // The status of the permission set provisioning process.
+ Status *string `type:"string" enum:"StatusValues"`
+}
+
+// String returns the string representation
+func (s PermissionSetProvisioningStatusMetadata) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s PermissionSetProvisioningStatusMetadata) GoString() string {
+ return s.String()
+}
+
+// SetCreatedDate sets the CreatedDate field's value.
+func (s *PermissionSetProvisioningStatusMetadata) SetCreatedDate(v time.Time) *PermissionSetProvisioningStatusMetadata {
+ s.CreatedDate = &v
+ return s
+}
+
+// SetRequestId sets the RequestId field's value.
+func (s *PermissionSetProvisioningStatusMetadata) SetRequestId(v string) *PermissionSetProvisioningStatusMetadata {
+ s.RequestId = &v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *PermissionSetProvisioningStatusMetadata) SetStatus(v string) *PermissionSetProvisioningStatusMetadata {
+ s.Status = &v
+ return s
+}
+
+type ProvisionPermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+
+ // The identifier for the chosen target.
+ TargetId *string `type:"string"`
+
+ // The entity type for which the assignment will be created.
+ //
+ // TargetType is a required field
+ TargetType *string `type:"string" required:"true" enum:"ProvisionTargetType"`
+}
+
+// String returns the string representation
+func (s ProvisionPermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ProvisionPermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ProvisionPermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ProvisionPermissionSetInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+ if s.TargetType == nil {
+ invalidParams.Add(request.NewErrParamRequired("TargetType"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *ProvisionPermissionSetInput) SetInstanceArn(v string) *ProvisionPermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *ProvisionPermissionSetInput) SetPermissionSetArn(v string) *ProvisionPermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetTargetId sets the TargetId field's value.
+func (s *ProvisionPermissionSetInput) SetTargetId(v string) *ProvisionPermissionSetInput {
+ s.TargetId = &v
+ return s
+}
+
+// SetTargetType sets the TargetType field's value.
+func (s *ProvisionPermissionSetInput) SetTargetType(v string) *ProvisionPermissionSetInput {
+ s.TargetType = &v
+ return s
+}
+
+type ProvisionPermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The status object for the permission set provisioning operation.
+ PermissionSetProvisioningStatus *PermissionSetProvisioningStatus `type:"structure"`
+}
+
+// String returns the string representation
+func (s ProvisionPermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ProvisionPermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// SetPermissionSetProvisioningStatus sets the PermissionSetProvisioningStatus field's value.
+func (s *ProvisionPermissionSetOutput) SetPermissionSetProvisioningStatus(v *PermissionSetProvisioningStatus) *ProvisionPermissionSetOutput {
+ s.PermissionSetProvisioningStatus = v
+ return s
+}
+
+type PutInlinePolicyToPermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The IAM inline policy to attach to a PermissionSet.
+ //
+ // InlinePolicy is a required field
+ InlinePolicy *string `min:"1" type:"string" required:"true" sensitive:"true"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s PutInlinePolicyToPermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s PutInlinePolicyToPermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *PutInlinePolicyToPermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "PutInlinePolicyToPermissionSetInput"}
+ if s.InlinePolicy == nil {
+ invalidParams.Add(request.NewErrParamRequired("InlinePolicy"))
+ }
+ if s.InlinePolicy != nil && len(*s.InlinePolicy) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("InlinePolicy", 1))
+ }
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInlinePolicy sets the InlinePolicy field's value.
+func (s *PutInlinePolicyToPermissionSetInput) SetInlinePolicy(v string) *PutInlinePolicyToPermissionSetInput {
+ s.InlinePolicy = &v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *PutInlinePolicyToPermissionSetInput) SetInstanceArn(v string) *PutInlinePolicyToPermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *PutInlinePolicyToPermissionSetInput) SetPermissionSetArn(v string) *PutInlinePolicyToPermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+type PutInlinePolicyToPermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s PutInlinePolicyToPermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s PutInlinePolicyToPermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// Indicates that a requested resource is not found.
+type ResourceNotFoundException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation
+func (s ResourceNotFoundException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ResourceNotFoundException) GoString() string {
+ return s.String()
+}
+
+func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error {
+ return &ResourceNotFoundException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ResourceNotFoundException) Code() string {
+ return "ResourceNotFoundException"
+}
+
+// Message returns the exception's message.
+func (s *ResourceNotFoundException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ResourceNotFoundException) OrigErr() error {
+ return nil
+}
+
+func (s *ResourceNotFoundException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ResourceNotFoundException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ResourceNotFoundException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// Indicates that the principal has crossed the permitted number of resources
+// that can be created.
+type ServiceQuotaExceededException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation
+func (s ServiceQuotaExceededException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ServiceQuotaExceededException) GoString() string {
+ return s.String()
+}
+
+func newErrorServiceQuotaExceededException(v protocol.ResponseMetadata) error {
+ return &ServiceQuotaExceededException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ServiceQuotaExceededException) Code() string {
+ return "ServiceQuotaExceededException"
+}
+
+// Message returns the exception's message.
+func (s *ServiceQuotaExceededException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ServiceQuotaExceededException) OrigErr() error {
+ return nil
+}
+
+func (s *ServiceQuotaExceededException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ServiceQuotaExceededException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ServiceQuotaExceededException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// A set of key-value pairs that are used to manage the resource. Tags can only
+// be applied to permission sets and cannot be applied to corresponding roles
+// that AWS SSO creates in AWS accounts.
+type Tag struct {
+ _ struct{} `type:"structure"`
+
+ // The key for the tag.
+ Key *string `min:"1" type:"string"`
+
+ // The value of the tag.
+ Value *string `type:"string"`
+}
+
+// String returns the string representation
+func (s Tag) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Tag) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *Tag) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "Tag"}
+ if s.Key != nil && len(*s.Key) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Key", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetKey sets the Key field's value.
+func (s *Tag) SetKey(v string) *Tag {
+ s.Key = &v
+ return s
+}
+
+// SetValue sets the Value field's value.
+func (s *Tag) SetValue(v string) *Tag {
+ s.Value = &v
+ return s
+}
+
+type TagResourceInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the resource with the tags to be listed.
+ //
+ // ResourceArn is a required field
+ ResourceArn *string `min:"10" type:"string" required:"true"`
+
+ // A set of key-value pairs that are used to manage the resource.
+ //
+ // Tags is a required field
+ Tags []*Tag `type:"list" required:"true"`
+}
+
+// String returns the string representation
+func (s TagResourceInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s TagResourceInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *TagResourceInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.ResourceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
+ }
+ if s.ResourceArn != nil && len(*s.ResourceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 10))
+ }
+ if s.Tags == nil {
+ invalidParams.Add(request.NewErrParamRequired("Tags"))
+ }
+ if s.Tags != nil {
+ for i, v := range s.Tags {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *TagResourceInput) SetInstanceArn(v string) *TagResourceInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetResourceArn sets the ResourceArn field's value.
+func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput {
+ s.ResourceArn = &v
+ return s
+}
+
+// SetTags sets the Tags field's value.
+func (s *TagResourceInput) SetTags(v []*Tag) *TagResourceInput {
+ s.Tags = v
+ return s
+}
+
+type TagResourceOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s TagResourceOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s TagResourceOutput) GoString() string {
+ return s.String()
+}
+
+// Indicates that the principal has crossed the throttling limits of the API
+// operations.
+type ThrottlingException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation
+func (s ThrottlingException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ThrottlingException) GoString() string {
+ return s.String()
+}
+
+func newErrorThrottlingException(v protocol.ResponseMetadata) error {
+ return &ThrottlingException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ThrottlingException) Code() string {
+ return "ThrottlingException"
+}
+
+// Message returns the exception's message.
+func (s *ThrottlingException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ThrottlingException) OrigErr() error {
+ return nil
+}
+
+func (s *ThrottlingException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ThrottlingException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ThrottlingException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+type UntagResourceInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the resource with the tags to be listed.
+ //
+ // ResourceArn is a required field
+ ResourceArn *string `min:"10" type:"string" required:"true"`
+
+ // The keys of tags that are attached to the resource.
+ //
+ // TagKeys is a required field
+ TagKeys []*string `min:"1" type:"list" required:"true"`
+}
+
+// String returns the string representation
+func (s UntagResourceInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UntagResourceInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *UntagResourceInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"}
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.ResourceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
+ }
+ if s.ResourceArn != nil && len(*s.ResourceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 10))
+ }
+ if s.TagKeys == nil {
+ invalidParams.Add(request.NewErrParamRequired("TagKeys"))
+ }
+ if s.TagKeys != nil && len(s.TagKeys) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("TagKeys", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *UntagResourceInput) SetInstanceArn(v string) *UntagResourceInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetResourceArn sets the ResourceArn field's value.
+func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput {
+ s.ResourceArn = &v
+ return s
+}
+
+// SetTagKeys sets the TagKeys field's value.
+func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput {
+ s.TagKeys = v
+ return s
+}
+
+type UntagResourceOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s UntagResourceOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UntagResourceOutput) GoString() string {
+ return s.String()
+}
+
+type UpdatePermissionSetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The description of the PermissionSet.
+ Description *string `min:"1" type:"string"`
+
+ // The ARN of the SSO instance under which the operation will be executed. For
+ // more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
+ // Namespaces (/general/latest/gr/aws-arns-and-namespaces.html) in the AWS General
+ // Reference.
+ //
+ // InstanceArn is a required field
+ InstanceArn *string `min:"10" type:"string" required:"true"`
+
+ // The ARN of the permission set.
+ //
+ // PermissionSetArn is a required field
+ PermissionSetArn *string `min:"10" type:"string" required:"true"`
+
+ // Used to redirect users within the application during the federation authentication
+ // process.
+ RelayState *string `min:"1" type:"string"`
+
+ // The length of time that the application user sessions are valid for in the
+ // ISO-8601 standard.
+ SessionDuration *string `min:"1" type:"string"`
+}
+
+// String returns the string representation
+func (s UpdatePermissionSetInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdatePermissionSetInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *UpdatePermissionSetInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "UpdatePermissionSetInput"}
+ if s.Description != nil && len(*s.Description) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Description", 1))
+ }
+ if s.InstanceArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("InstanceArn"))
+ }
+ if s.InstanceArn != nil && len(*s.InstanceArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("InstanceArn", 10))
+ }
+ if s.PermissionSetArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("PermissionSetArn"))
+ }
+ if s.PermissionSetArn != nil && len(*s.PermissionSetArn) < 10 {
+ invalidParams.Add(request.NewErrParamMinLen("PermissionSetArn", 10))
+ }
+ if s.RelayState != nil && len(*s.RelayState) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("RelayState", 1))
+ }
+ if s.SessionDuration != nil && len(*s.SessionDuration) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("SessionDuration", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetDescription sets the Description field's value.
+func (s *UpdatePermissionSetInput) SetDescription(v string) *UpdatePermissionSetInput {
+ s.Description = &v
+ return s
+}
+
+// SetInstanceArn sets the InstanceArn field's value.
+func (s *UpdatePermissionSetInput) SetInstanceArn(v string) *UpdatePermissionSetInput {
+ s.InstanceArn = &v
+ return s
+}
+
+// SetPermissionSetArn sets the PermissionSetArn field's value.
+func (s *UpdatePermissionSetInput) SetPermissionSetArn(v string) *UpdatePermissionSetInput {
+ s.PermissionSetArn = &v
+ return s
+}
+
+// SetRelayState sets the RelayState field's value.
+func (s *UpdatePermissionSetInput) SetRelayState(v string) *UpdatePermissionSetInput {
+ s.RelayState = &v
+ return s
+}
+
+// SetSessionDuration sets the SessionDuration field's value.
+func (s *UpdatePermissionSetInput) SetSessionDuration(v string) *UpdatePermissionSetInput {
+ s.SessionDuration = &v
+ return s
+}
+
+type UpdatePermissionSetOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s UpdatePermissionSetOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdatePermissionSetOutput) GoString() string {
+ return s.String()
+}
+
+// The request failed because it contains a syntax error.
+type ValidationException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation
+func (s ValidationException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ValidationException) GoString() string {
+ return s.String()
+}
+
+func newErrorValidationException(v protocol.ResponseMetadata) error {
+ return &ValidationException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ValidationException) Code() string {
+ return "ValidationException"
+}
+
+// Message returns the exception's message.
+func (s *ValidationException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ValidationException) OrigErr() error {
+ return nil
+}
+
+func (s *ValidationException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ValidationException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ValidationException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+const (
+ // PrincipalTypeUser is a PrincipalType enum value
+ PrincipalTypeUser = "USER"
+
+ // PrincipalTypeGroup is a PrincipalType enum value
+ PrincipalTypeGroup = "GROUP"
+)
+
+// PrincipalType_Values returns all elements of the PrincipalType enum
+func PrincipalType_Values() []string {
+ return []string{
+ PrincipalTypeUser,
+ PrincipalTypeGroup,
+ }
+}
+
+const (
+ // ProvisionTargetTypeAwsAccount is a ProvisionTargetType enum value
+ ProvisionTargetTypeAwsAccount = "AWS_ACCOUNT"
+
+ // ProvisionTargetTypeAllProvisionedAccounts is a ProvisionTargetType enum value
+ ProvisionTargetTypeAllProvisionedAccounts = "ALL_PROVISIONED_ACCOUNTS"
+)
+
+// ProvisionTargetType_Values returns all elements of the ProvisionTargetType enum
+func ProvisionTargetType_Values() []string {
+ return []string{
+ ProvisionTargetTypeAwsAccount,
+ ProvisionTargetTypeAllProvisionedAccounts,
+ }
+}
+
+const (
+ // ProvisioningStatusLatestPermissionSetProvisioned is a ProvisioningStatus enum value
+ ProvisioningStatusLatestPermissionSetProvisioned = "LATEST_PERMISSION_SET_PROVISIONED"
+
+ // ProvisioningStatusLatestPermissionSetNotProvisioned is a ProvisioningStatus enum value
+ ProvisioningStatusLatestPermissionSetNotProvisioned = "LATEST_PERMISSION_SET_NOT_PROVISIONED"
+)
+
+// ProvisioningStatus_Values returns all elements of the ProvisioningStatus enum
+func ProvisioningStatus_Values() []string {
+ return []string{
+ ProvisioningStatusLatestPermissionSetProvisioned,
+ ProvisioningStatusLatestPermissionSetNotProvisioned,
+ }
+}
+
+const (
+ // StatusValuesInProgress is a StatusValues enum value
+ StatusValuesInProgress = "IN_PROGRESS"
+
+ // StatusValuesFailed is a StatusValues enum value
+ StatusValuesFailed = "FAILED"
+
+ // StatusValuesSucceeded is a StatusValues enum value
+ StatusValuesSucceeded = "SUCCEEDED"
+)
+
+// StatusValues_Values returns all elements of the StatusValues enum
+func StatusValues_Values() []string {
+ return []string{
+ StatusValuesInProgress,
+ StatusValuesFailed,
+ StatusValuesSucceeded,
+ }
+}
+
+const (
+ // TargetTypeAwsAccount is a TargetType enum value
+ TargetTypeAwsAccount = "AWS_ACCOUNT"
+)
+
+// TargetType_Values returns all elements of the TargetType enum
+func TargetType_Values() []string {
+ return []string{
+ TargetTypeAwsAccount,
+ }
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/doc.go b/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/doc.go
new file mode 100644
index 00000000000..00bd60c46cc
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/doc.go
@@ -0,0 +1,26 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+// Package ssoadmin provides the client and types for making API
+// requests to AWS Single Sign-On Admin.
+//
+// See https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20 for more information on this service.
+//
+// See ssoadmin package documentation for more information.
+// https://docs.aws.amazon.com/sdk-for-go/api/service/ssoadmin/
+//
+// Using the Client
+//
+// To contact AWS Single Sign-On Admin with the SDK use the New function to create
+// a new service client. With that client you can make API requests to the service.
+// These clients are safe to use concurrently.
+//
+// See the SDK's documentation for more information on how to use the SDK.
+// https://docs.aws.amazon.com/sdk-for-go/api/
+//
+// See aws.Config documentation for more information on configuring SDK clients.
+// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
+//
+// See the AWS Single Sign-On Admin client SSOAdmin for more
+// information on creating client for this service.
+// https://docs.aws.amazon.com/sdk-for-go/api/service/ssoadmin/#New
+package ssoadmin
diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/errors.go
new file mode 100644
index 00000000000..6cc454e8dd2
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/errors.go
@@ -0,0 +1,68 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+package ssoadmin
+
+import (
+ "github.com/aws/aws-sdk-go/private/protocol"
+)
+
+const (
+
+ // ErrCodeAccessDeniedException for service response error code
+ // "AccessDeniedException".
+ //
+ // You do not have sufficient access to perform this action.
+ ErrCodeAccessDeniedException = "AccessDeniedException"
+
+ // ErrCodeConflictException for service response error code
+ // "ConflictException".
+ //
+ // Occurs when a conflict with a previous successful write is detected. This
+ // generally occurs when the previous write did not have time to propagate to
+ // the host serving the current request. A retry (with appropriate backoff logic)
+ // is the recommended response to this exception.
+ ErrCodeConflictException = "ConflictException"
+
+ // ErrCodeInternalServerException for service response error code
+ // "InternalServerException".
+ //
+ // The request processing has failed because of an unknown error, exception,
+ // or failure with an internal server.
+ ErrCodeInternalServerException = "InternalServerException"
+
+ // ErrCodeResourceNotFoundException for service response error code
+ // "ResourceNotFoundException".
+ //
+ // Indicates that a requested resource is not found.
+ ErrCodeResourceNotFoundException = "ResourceNotFoundException"
+
+ // ErrCodeServiceQuotaExceededException for service response error code
+ // "ServiceQuotaExceededException".
+ //
+ // Indicates that the principal has crossed the permitted number of resources
+ // that can be created.
+ ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException"
+
+ // ErrCodeThrottlingException for service response error code
+ // "ThrottlingException".
+ //
+ // Indicates that the principal has crossed the throttling limits of the API
+ // operations.
+ ErrCodeThrottlingException = "ThrottlingException"
+
+ // ErrCodeValidationException for service response error code
+ // "ValidationException".
+ //
+ // The request failed because it contains a syntax error.
+ ErrCodeValidationException = "ValidationException"
+)
+
+var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
+ "AccessDeniedException": newErrorAccessDeniedException,
+ "ConflictException": newErrorConflictException,
+ "InternalServerException": newErrorInternalServerException,
+ "ResourceNotFoundException": newErrorResourceNotFoundException,
+ "ServiceQuotaExceededException": newErrorServiceQuotaExceededException,
+ "ThrottlingException": newErrorThrottlingException,
+ "ValidationException": newErrorValidationException,
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/service.go b/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/service.go
new file mode 100644
index 00000000000..9b4e204324e
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/ssoadmin/service.go
@@ -0,0 +1,106 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+package ssoadmin
+
+import (
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/aws/client"
+ "github.com/aws/aws-sdk-go/aws/client/metadata"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/aws/signer/v4"
+ "github.com/aws/aws-sdk-go/private/protocol"
+ "github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
+)
+
+// SSOAdmin provides the API operation methods for making requests to
+// AWS Single Sign-On Admin. See this package's package overview docs
+// for details on the service.
+//
+// SSOAdmin methods are safe to use concurrently. It is not safe to
+// modify mutate any of the struct's properties though.
+type SSOAdmin struct {
+ *client.Client
+}
+
+// Used for custom client initialization logic
+var initClient func(*client.Client)
+
+// Used for custom request initialization logic
+var initRequest func(*request.Request)
+
+// Service information constants
+const (
+ ServiceName = "SSO Admin" // Name of service.
+ EndpointsID = "sso" // ID to lookup a service endpoint with.
+ ServiceID = "SSO Admin" // ServiceID is a unique identifier of a specific service.
+)
+
+// New creates a new instance of the SSOAdmin client with a session.
+// If additional configuration is needed for the client instance use the optional
+// aws.Config parameter to add your extra config.
+//
+// Example:
+// mySession := session.Must(session.NewSession())
+//
+// // Create a SSOAdmin client from just a session.
+// svc := ssoadmin.New(mySession)
+//
+// // Create a SSOAdmin client with additional configuration
+// svc := ssoadmin.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
+func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOAdmin {
+ c := p.ClientConfig(EndpointsID, cfgs...)
+ if c.SigningNameDerived || len(c.SigningName) == 0 {
+ c.SigningName = "sso"
+ }
+ return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName)
+}
+
+// newClient creates, initializes and returns a new service client instance.
+func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *SSOAdmin {
+ svc := &SSOAdmin{
+ Client: client.New(
+ cfg,
+ metadata.ClientInfo{
+ ServiceName: ServiceName,
+ ServiceID: ServiceID,
+ SigningName: signingName,
+ SigningRegion: signingRegion,
+ PartitionID: partitionID,
+ Endpoint: endpoint,
+ APIVersion: "2020-07-20",
+ JSONVersion: "1.1",
+ TargetPrefix: "SWBExternalService",
+ },
+ handlers,
+ ),
+ }
+
+ // Handlers
+ svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler)
+ svc.Handlers.Build.PushBackNamed(jsonrpc.BuildHandler)
+ svc.Handlers.Unmarshal.PushBackNamed(jsonrpc.UnmarshalHandler)
+ svc.Handlers.UnmarshalMeta.PushBackNamed(jsonrpc.UnmarshalMetaHandler)
+ svc.Handlers.UnmarshalError.PushBackNamed(
+ protocol.NewUnmarshalErrorHandler(jsonrpc.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(),
+ )
+
+ // Run custom client initialization if present
+ if initClient != nil {
+ initClient(svc.Client)
+ }
+
+ return svc
+}
+
+// newRequest creates a new request for a SSOAdmin operation and runs any
+// custom request initialization.
+func (c *SSOAdmin) newRequest(op *request.Operation, params, data interface{}) *request.Request {
+ req := c.NewRequest(op, params, data)
+
+ // Run custom request initialization if present
+ if initRequest != nil {
+ initRequest(req)
+ }
+
+ return req
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index c079758c65c..64dbc9529d2 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -145,6 +145,7 @@ github.com/aws/aws-sdk-go/service/glue
github.com/aws/aws-sdk-go/service/greengrass
github.com/aws/aws-sdk-go/service/guardduty
github.com/aws/aws-sdk-go/service/iam
+github.com/aws/aws-sdk-go/service/identitystore
github.com/aws/aws-sdk-go/service/imagebuilder
github.com/aws/aws-sdk-go/service/inspector
github.com/aws/aws-sdk-go/service/iot
@@ -208,6 +209,7 @@ github.com/aws/aws-sdk-go/service/simpledb
github.com/aws/aws-sdk-go/service/sns
github.com/aws/aws-sdk-go/service/sqs
github.com/aws/aws-sdk-go/service/ssm
+github.com/aws/aws-sdk-go/service/ssoadmin
github.com/aws/aws-sdk-go/service/storagegateway
github.com/aws/aws-sdk-go/service/sts
github.com/aws/aws-sdk-go/service/sts/stsiface
diff --git a/website/allowed-subcategories.txt b/website/allowed-subcategories.txt
index 7a46e947c4c..111ff435d9c 100644
--- a/website/allowed-subcategories.txt
+++ b/website/allowed-subcategories.txt
@@ -57,6 +57,7 @@ Global Accelerator
Glue
GuardDuty
IAM
+Identity Store
Inspector
IoT
KMS
@@ -95,6 +96,7 @@ SES
SNS
SQS
SSM
+SSO Admin
SWF
Sagemaker
Secrets Manager
diff --git a/website/docs/guides/custom-service-endpoints.html.md b/website/docs/guides/custom-service-endpoints.html.md
index d24d3260570..de260f10494 100644
--- a/website/docs/guides/custom-service-endpoints.html.md
+++ b/website/docs/guides/custom-service-endpoints.html.md
@@ -122,6 +122,7 @@ The Terraform AWS Provider allows the following endpoints to be customized:
guardduty
greengrass
iam
+ identitystore
imagebuilder
inspector
iot
@@ -181,6 +182,7 @@ The Terraform AWS Provider allows the following endpoints to be customized:
sns
sqs
ssm
+ ssoadmin
stepfunctions
storagegateway
sts