Class: Aws::IAM::Types::CreateDelegationRequestRequest

Inherits:

Struct

• Object
• Struct
• Aws::IAM::Types::CreateDelegationRequestRequest

Includes:

Structure

Defined in:

lib/aws-sdk-iam/types.rb

Overview

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #description ⇒ String

  A description of the delegation request.

• #notification_channel ⇒ String

  The notification channel for updates about the delegation request.

• #only_send_by_owner ⇒ Boolean

  Specifies whether the delegation token should only be sent by the owner.

• #owner_account_id ⇒ String

  The Amazon Web Services account ID this delegation request is targeted to.

• #permissions ⇒ Types::DelegationPermission

  The permissions to be delegated in this delegation request.

• #redirect_url ⇒ String

  The URL to redirect to after the delegation request is processed.

• #request_message ⇒ String

  A message explaining the reason for the delegation request.

• #requestor_workflow_id ⇒ String

  The workflow ID associated with the requestor.

• #session_duration ⇒ Integer

  The duration for which the delegated session should remain active, in seconds.

Instance Attribute Details

#description ⇒ String

A description of the delegation request.

Returns:

• (String)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end

#notification_channel ⇒ String

The notification channel for updates about the delegation request.

At this time,only SNS topic ARNs are accepted for notification. This topic ARN must have a resource policy granting ‘SNS:Publish` permission to the IAM service principal (`iam.amazonaws.com`). See

partner onboarding documentation][1

for more details.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/access_policies-temporary-delegation-partner-guide.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end

#only_send_by_owner ⇒ Boolean

Specifies whether the delegation token should only be sent by the owner.

This flag prevents any party other than the owner from calling ‘SendDelegationToken` API for this delegation request. This behavior becomes useful when the delegation request owner needs to be present for subsequent partner interactions, but the delegation request was sent to a more privileged user for approval due to the owner lacking sufficient delegation permissions.

Returns:

• (Boolean)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end

#owner_account_id ⇒ String

The Amazon Web Services account ID this delegation request is targeted to.

If the account ID is not known, this parameter can be omitted, resulting in a request that can be associated by any account. If the account ID passed, then the created delegation request can only be associated with an identity of that target account.

Returns:

• (String)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end

#permissions ⇒ Types::DelegationPermission

The permissions to be delegated in this delegation request.

Returns:

• (Types::DelegationPermission)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end

#redirect_url ⇒ String

The URL to redirect to after the delegation request is processed.

This URL is used by the IAM console to show a link to the customer to re-load the partner workflow.

Returns:

• (String)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end

#request_message ⇒ String

A message explaining the reason for the delegation request.

Requesters can utilize this field to add a custom note to the delegation request. This field is different from the description such that this is to be utilized for a custom messaging on a case-by-case basis.

For example, if the current delegation request is in response to a previous request being rejected, this explanation can be added to the request via this field.

Returns:

• (String)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end

#requestor_workflow_id ⇒ String

The workflow ID associated with the requestor.

This is the unique identifier on the partner side that can be used to track the progress of the request.

IAM maintains a uniqueness check on this workflow id for each request - if a workflow id for an existing request is passed, this API call will fail.

Returns:

• (String)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end

#session_duration ⇒ Integer

The duration for which the delegated session should remain active, in seconds.

The active time window for the session starts when the customer calls the [SendDelegationToken] API.

[1]: docs.aws.amazon.com/IAM/latest/APIReference/API_SendDelegationToken.html

Returns:

• (Integer)

# File 'lib/aws-sdk-iam/types.rb', line 821

class CreateDelegationRequestRequest < Struct.new(
  :owner_account_id,
  :description,
  :permissions,
  :request_message,
  :requestor_workflow_id,
  :redirect_url,
  :notification_channel,
  :session_duration,
  :only_send_by_owner)
  SENSITIVE = []
  include Aws::Structure
end