aws-samples / aws-iam-identity-center-extensions

This solution is intended for enterprises that need a streamlined way of managing user access to their AWS accounts. Using this solution, your identity and access management teams can extend AWS SSO functionality by automating common access management and governance use cases.
MIT License
65 stars 24 forks

Add customer managed policy and permission boundaries #96

Closed jjleigh closed 2 years ago

jjleigh commented 2 years ago

AWS SSO has added the ability to add customer managed policies and permission boundaries to a permission set in the console. This functionality needs to be supported in the create and update permission set workflow.

jjleigh commented 2 years ago

SSO Admin API has been updated with 2 new APIs to support this functionality.

https://docs.aws.amazon.com/cli/latest/reference/sso-admin/put-permissions-boundary-to-permission-set.html

https://docs.aws.amazon.com/cli/latest/reference/sso-admin/attach-customer-managed-policy-reference-to-permission-set.html

allquixotic commented 2 years ago

Supporting customer managed policies is our top request right now for SSOEx.