sso:*AWS AWS IAM Identity Center IAM Actions
126 IAM actions for sso:*
Actions
126 actions available. Filter by access level or search by name.
Filter:
| Action | Access Level |
|---|---|
sso:AddRegion | Write |
sso:AssociateDirectory | Write |
sso:AssociateProfile | Write |
sso:AttachCustomerManagedPolicyReferenceToPermissionSet | Permissions |
sso:AttachManagedPolicyToPermissionSet | Permissions |
sso:CreateAccountAssignment | Write |
sso:CreateApplication | Write |
sso:CreateApplicationAssignment | Write |
sso:CreateApplicationInstance | Write |
sso:CreateApplicationInstanceCertificate | Write |
sso:CreateInstance | Write |
sso:CreateInstanceAccessControlAttributeConfiguration | Write |
sso:CreateManagedApplicationInstance | Write |
sso:CreatePermissionSet | Permissions |
sso:CreateProfile | Write |
sso:CreateTrust | Write |
sso:CreateTrustedTokenIssuer | Write |
sso:DeleteAccountAssignment | Write |
sso:DeleteApplication | Write |
sso:DeleteApplicationAccessScope | Write |
sso:DeleteApplicationAssignment | Write |
sso:DeleteApplicationAuthenticationMethod | Write |
sso:DeleteApplicationGrant | Permissions |
sso:DeleteApplicationInstance | Write |
sso:DeleteApplicationInstanceCertificate | Write |
sso:DeleteInlinePolicyFromPermissionSet | Permissions |
sso:DeleteInstance | Write |
sso:DeleteInstanceAccessControlAttributeConfiguration | Write |
sso:DeleteManagedApplicationInstance | Write |
sso:DeletePermissionsBoundaryFromPermissionSet | Permissions |
sso:DeletePermissionSet | Permissions |
sso:DeleteProfile | Write |
sso:DeleteTrustedTokenIssuer | Write |
sso:DescribeAccountAssignmentCreationStatus | Read |
sso:DescribeAccountAssignmentDeletionStatus | Read |
sso:DescribeApplication | Read |
sso:DescribeApplicationAssignment | Read |
sso:DescribeApplicationProvider | Read |
sso:DescribeInstance | Read |
sso:DescribeInstanceAccessControlAttributeConfiguration | Read |
sso:DescribePermissionSet | Permissions |
sso:DescribePermissionSetProvisioningStatus | Permissions |
sso:DescribeRegion | Read |
sso:DescribeRegisteredRegions | Read |
sso:DescribeTrustedTokenIssuer | Read |
sso:DetachCustomerManagedPolicyReferenceFromPermissionSet | Permissions |
sso:DetachManagedPolicyFromPermissionSet | Permissions |
sso:DisassociateDirectory | Write |
sso:DisassociateProfile | Write |
sso:GetApplicationAccessScope | Read |
sso:GetApplicationAssignmentConfiguration | Read |
sso:GetApplicationAuthenticationMethod | Read |
sso:GetApplicationGrant | Permissions |
sso:GetApplicationInstance | Read |
sso:GetApplicationSessionConfiguration | Read |
sso:GetApplicationTemplate | Read |
sso:GetInlinePolicyForPermissionSet | Permissions |
sso:GetManagedApplicationInstance | Read |
sso:GetMfaDeviceManagementForDirectory | Read |
sso:GetPermissionsBoundaryForPermissionSet | Permissions |
sso:GetPermissionSet | Permissions |
sso:GetProfile | Read |
sso:GetSharedSsoConfiguration | Read |
sso:GetSsoConfiguration | Read |
sso:GetSSOStatus | Read |
sso:GetTrust | Read |
sso:ImportApplicationInstanceServiceProviderMetadata | Write |
sso:ListAccountAssignmentCreationStatus | List |
sso:ListAccountAssignmentDeletionStatus | List |
sso:ListAccountAssignments | List |
sso:ListAccountAssignmentsForPrincipal | List |
sso:ListAccountsForProvisionedPermissionSet | Permissions |
sso:ListApplicationAccessScopes | List |
sso:ListApplicationAssignments | List |
sso:ListApplicationAssignmentsForPrincipal | List |
sso:ListApplicationAuthenticationMethods | List |
sso:ListApplicationGrants | Permissions |
sso:ListApplicationInstanceCertificates | List |
sso:ListApplicationInstances | List |
sso:ListApplicationProviders | List |
sso:ListApplications | List |
sso:ListApplicationTemplates | List |
sso:ListCustomerManagedPolicyReferencesInPermissionSet | Permissions |
sso:ListDirectoryAssociations | List |
sso:ListInstances | List |
sso:ListManagedPoliciesInPermissionSet | Permissions |
sso:ListPermissionSetProvisioningStatus | Permissions |
sso:ListPermissionSets | Permissions |
sso:ListPermissionSetsProvisionedToAccount | Permissions |
sso:ListProfileAssociations | List |
sso:ListProfiles | List |
sso:ListRegions | List |
sso:ListTagsForResource | Tagging |
sso:ListTrustedTokenIssuers | List |
sso:ProvisionPermissionSet | Permissions |
sso:PutApplicationAccessScope | Write |
sso:PutApplicationAssignmentConfiguration | Write |
sso:PutApplicationAuthenticationMethod | Write |
sso:PutApplicationGrant | Permissions |
sso:PutApplicationSessionConfiguration | Write |
sso:PutInlinePolicyToPermissionSet | Permissions |
sso:PutMfaDeviceManagementForDirectory | Write |
sso:PutPermissionsBoundaryToPermissionSet | Permissions |
sso:PutPermissionsPolicy | Permissions |
sso:RemoveRegion | Write |
sso:SearchGroups | List |
sso:SearchUsers | List |
sso:StartSSO | Write |
sso:TagResource | Tagging |
sso:UntagResource | Tagging |
sso:UpdateApplication | Write |
sso:UpdateApplicationInstanceActiveCertificate | Write |
sso:UpdateApplicationInstanceDisplayData | Write |
sso:UpdateApplicationInstanceResponseConfiguration | Write |
sso:UpdateApplicationInstanceResponseSchemaConfiguration | Write |
sso:UpdateApplicationInstanceSecurityConfiguration | Write |
sso:UpdateApplicationInstanceServiceProviderConfiguration | Write |
sso:UpdateApplicationInstanceStatus | Write |
sso:UpdateInstance | Write |
sso:UpdateInstanceAccessControlAttributeConfiguration | Write |
sso:UpdateManagedApplicationInstanceStatus | Write |
sso:UpdatePermissionSet | Permissions |
sso:UpdateProfile | Write |
sso:UpdateSSOConfiguration | Write |
sso:UpdateTrust | Write |
sso:UpdateTrustedTokenIssuer | Write |
Resource Types
ARN patterns for resources in this service.
| Resource | ARN Pattern |
|---|---|
${RelativeId} | arn:aws:sso:::${RelativeId} |
Condition Keys
Condition keys you can use in IAM policy conditions for this service.
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysidentitycenter:ApplicationArnidentitycenter:InstanceArnsso:ApplicationAccountLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterQuick Facts
Total Actions126
Prefix
ssoResource Types1
Condition Keys6
Access Level Breakdown
Read23
Write51
List21
Permissions28
Tagging3