aws-samples / aws-iam-identity-center-automation

Accelerate AWS IAM Identity Center (successor to AWS Single Sign-On (SSO)) implementation using AWS CDK. This CDK program allows you to conveniently define your own permission sets and assignments without the need to tediously create your own AWS CloudFormation templates for your AWS IAM Identity Center deployment minimizing the risk of human misconfigurations.
MIT No Attribution

Attach customer managed policy to permission set. #4

Open piotrkurylak opened 12 months ago

piotrkurylak commented 12 months ago

Hi,

Are we able to attach customer managed policy to permission set?

"permissionSets": [
    {
        "permissionSetName": "PermissionSetName",
        "managedPolicies": ["CustomerManagedPolicy"],
        "customPolicy": ""
    }
]

For example, like this? It seems that it doesn't work, since it wants to take an AWS managed policy as input. I got the error: "Value of input 'managedPolicyArn' failed to satisfy constraint: Member must satisfy regular expression pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):iam::aws:policy/[\p{L}\p{M}\p{Z}\p{S}\p{N}\p{P}]+"

csaxton-ls commented 1 month ago

The regular expression specified in the error message seems a bit odd, no? Specifically, requiring an 'aws' where the account ID would be for such an argument.

E.g., the value being supplied:

arn:aws:iam::<redacted-account-id>:policy/some/name/space/SomePolicyName
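
As an added example (not the repository's code), this check applies the pattern from the error message to a list of policy ARNs and shows why an ARN carrying an account ID is rejected. It also splits such ARNs into the name and path that IAM Identity Center accepts as a customer managed policy reference; the helper names and the account ID 111122223333 are assumptions made for illustration.

```javascript
// Added example; not code from the repository this issue belongs to.
// Pattern taken verbatim from the error message above, anchored with ^...$
// (assumption: the service validates the whole value). "u" enables \p{...}.
const AWS_MANAGED_ARN =
  /^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):iam::aws:policy\/[\p{L}\p{M}\p{Z}\p{S}\p{N}\p{P}]+$/u;

// Assumed shape of a customer managed policy ARN: 12-digit account ID,
// optional path segments, then the policy name.
const CUSTOMER_ARN =
  /^arn:(?:aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):iam::(\d{12}):policy\/((?:[^/]+\/)*)([^/]+)$/u;

// Classify one entry (hypothetical helper).
function classifyPolicy(value) {
  if (AWS_MANAGED_ARN.test(value)) {
    return { kind: "aws-managed", managedPolicyArn: value };
  }
  const m = CUSTOMER_ARN.exec(value);
  if (m) {
    // Name plus path, e.g. "/some/name/space/" or "/" when there is no path.
    return { kind: "customer-managed", accountId: m[1], name: m[3], path: "/" + m[2] };
  }
  return { kind: "rejected", value };
}

// Split a managedPolicies-style list before deployment (hypothetical helper).
function splitPolicies(entries) {
  const out = { awsManaged: [], customerManaged: [], rejected: [] };
  for (const entry of entries) {
    const c = classifyPolicy(entry);
    if (c.kind === "aws-managed") out.awsManaged.push(c.managedPolicyArn);
    else if (c.kind === "customer-managed") out.customerManaged.push({ Name: c.name, Path: c.path });
    else out.rejected.push(c.value);
  }
  return out;
}

// Constructed sample input; 111122223333 is a placeholder account ID.
const sample = [
  "arn:aws:iam::aws:policy/ReadOnlyAccess",
  "arn:aws:iam::111122223333:policy/some/name/space/SomePolicyName",
  "arn:aws:iam::111122223333:policy/CustomerManagedPolicy",
  "CustomerManagedPolicy",
];
console.log(JSON.stringify(splitPolicies(sample), null, 2));
```

Entries that land in `rejected` are neither kind of ARN, so a bare policy name has to be resolved explicitly rather than passed through as a managed policy ARN.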