Table Of Contents

  1. Docs
  2. Available services
  3. SSOAdmin
  4. list_account_assignments

list_account_assignments

SSOAdmin.Client.list_account_assignments(**kwargs)

Lists the assignee of the specified AWS account with the specified permission set.

See also: AWS API Documentation

Request Syntax

response = client.list_account_assignments(
    InstanceArn='string',
    AccountId='string',
    PermissionSetArn='string',
    MaxResults=123,
    NextToken='string'
)
Parameters
  • InstanceArn (string) --

    [REQUIRED]

    The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .

  • AccountId (string) --

    [REQUIRED]

    The identifier of the AWS account from which to list the assignments.

  • PermissionSetArn (string) --

    [REQUIRED]

    The ARN of the permission set from which to list assignments.

  • MaxResults (integer) -- The maximum number of results to display for the assignment.
  • NextToken (string) -- The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.
Return type

dict

Returns

Response Syntax

{
    'AccountAssignments': [
        {
            'AccountId': 'string',
            'PermissionSetArn': 'string',
            'PrincipalType': 'USER'|'GROUP',
            'PrincipalId': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • AccountAssignments (list) --

      The list of assignments that match the input AWS account and permission set.

      • (dict) --

        The assignment that indicates a principal's limited access to a specified AWS account with a specified permission set.

        Note

        The term principal here refers to a user or group that is defined in IAM Identity Center.

        • AccountId (string) --

          The identifier of the AWS account.

        • PermissionSetArn (string) --

          The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference .

        • PrincipalType (string) --

          The entity type for which the assignment will be created.

        • PrincipalId (string) --

          An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.

    • NextToken (string) --

      The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.

Exceptions

  • SSOAdmin.Client.exceptions.ResourceNotFoundException
  • SSOAdmin.Client.exceptions.InternalServerException
  • SSOAdmin.Client.exceptions.ThrottlingException
  • SSOAdmin.Client.exceptions.ValidationException
  • SSOAdmin.Client.exceptions.AccessDeniedException
list_account_assignment_deletion_status
list_accounts_for_provisioned_permission_set
Privacy | Site Terms | Cookie preferences | © Copyright 2023, Amazon Web Services, Inc. Created using Sphinx.