IAMRolesAnywhere / Client / delete_attribute_mapping
delete_attribute_mapping#
- IAMRolesAnywhere.Client.delete_attribute_mapping(**kwargs)#
- Delete an entry from the attribute mapping rules enforced by a given profile. - See also: AWS API Documentation - Request Syntax- response = client.delete_attribute_mapping( certificateField='x509Subject'|'x509Issuer'|'x509SAN', profileId='string', specifiers=[ 'string', ] ) - Parameters:
- certificateField (string) – - [REQUIRED] - Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates. 
- profileId (string) – - [REQUIRED] - The unique identifier of the profile. 
- specifiers (list) – - A list of specifiers of a certificate field; for example, CN, OU, UID from a Subject. - (string) – 
 
 
- Return type:
- dict 
- Returns:
- Response Syntax- { 'profile': { 'acceptRoleSessionName': True|False, 'attributeMappings': [ { 'certificateField': 'x509Subject'|'x509Issuer'|'x509SAN', 'mappingRules': [ { 'specifier': 'string' }, ] }, ], 'createdAt': datetime(2015, 1, 1), 'createdBy': 'string', 'durationSeconds': 123, 'enabled': True|False, 'managedPolicyArns': [ 'string', ], 'name': 'string', 'profileArn': 'string', 'profileId': 'string', 'requireInstanceProperties': True|False, 'roleArns': [ 'string', ], 'sessionPolicy': 'string', 'updatedAt': datetime(2015, 1, 1) } } - Response Structure- (dict) – - profile (dict) – - The state of the profile after a read or write operation. - acceptRoleSessionName (boolean) – - Used to determine if a custom role session name will be accepted in a temporary credential request. 
- attributeMappings (list) – - A mapping applied to the authenticating end-entity certificate. - (dict) – - A mapping applied to the authenticating end-entity certificate. - certificateField (string) – - Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates. 
- mappingRules (list) – - A list of mapping entries for every supported specifier or sub-field. - (dict) – - A single mapping entry for each supported specifier or sub-field. - specifier (string) – - Specifier within a certificate field, such as CN, OU, or UID from the Subject field. 
 
 
 
 
- createdAt (datetime) – - The ISO-8601 timestamp when the profile was created. 
- createdBy (string) – - The Amazon Web Services account that created the profile. 
- durationSeconds (integer) – - Used to determine how long sessions vended using this profile are valid for. See the - Expirationsection of the CreateSession API documentation page for more details. In requests, if this value is not provided, the default value will be 3600.
- enabled (boolean) – - Indicates whether the profile is enabled. 
- managedPolicyArns (list) – - A list of managed policy ARNs that apply to the vended session credentials. - (string) – 
 
- name (string) – - The name of the profile. 
- profileArn (string) – - The ARN of the profile. 
- profileId (string) – - The unique identifier of the profile. 
- requireInstanceProperties (boolean) – - Specifies whether instance properties are required in temporary credential requests with this profile. 
- roleArns (list) – - A list of IAM roles that this profile can assume in a temporary credential request. - (string) – 
 
- sessionPolicy (string) – - A session policy that applies to the trust boundary of the vended session credentials. 
- updatedAt (datetime) – - The ISO-8601 timestamp when the profile was last updated. 
 
 
 
 - Exceptions- IAMRolesAnywhere.Client.exceptions.ValidationException
- IAMRolesAnywhere.Client.exceptions.ResourceNotFoundException
- IAMRolesAnywhere.Client.exceptions.AccessDeniedException