SSOAdmin / Client / detach_customer_managed_policy_reference_from_permission_set

detach_customer_managed_policy_reference_from_permission_set#

SSOAdmin.Client.detach_customer_managed_policy_reference_from_permission_set(**kwargs)#

Detaches the specified customer managed policy from the specified PermissionSet.

See also: AWS API Documentation

Request Syntax

response = client.detach_customer_managed_policy_reference_from_permission_set(
    CustomerManagedPolicyReference={
        'Name': 'string',
        'Path': 'string'
    },
    InstanceArn='string',
    PermissionSetArn='string'
)
Parameters:
  • CustomerManagedPolicyReference (dict) –

    [REQUIRED]

    Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.

    • Name (string) – [REQUIRED]

      The name of the IAM policy that you have configured in each account where you want to deploy your permission set.

    • Path (string) –

      The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is /. For more information, see Friendly names and paths in the IAM User Guide.

  • InstanceArn (string) –

    [REQUIRED]

    The ARN of the IAM Identity Center instance under which the operation will be executed.

  • PermissionSetArn (string) –

    [REQUIRED]

    The ARN of the PermissionSet.

Return type:

dict

Returns:

Response Syntax

{}

Response Structure

  • (dict) –

Exceptions

  • SSOAdmin.Client.exceptions.ThrottlingException

  • SSOAdmin.Client.exceptions.InternalServerException

  • SSOAdmin.Client.exceptions.ResourceNotFoundException

  • SSOAdmin.Client.exceptions.AccessDeniedException

  • SSOAdmin.Client.exceptions.ValidationException

  • SSOAdmin.Client.exceptions.ConflictException