sym.sdk.integrations.aws_sso¶
Helpers for interacting with the AWS SSO API within the Sym SDK.
Functions
|
Checks if the provided |
|
Returns a list of AWS accounts within the AWS SSO Organization that the AWS SSO Sym Integration is connected to, optionally filtered to the specified Organizational Unit. |
Lists all the groups in the identity store of the AWS SSO account connected by an AWS SSO Sym Integration. |
|
|
Get all users from the specified AWS SSO group. |
- sym.sdk.integrations.aws_sso.is_user_in_group(user: sym.sdk.user.User, *, group_name: str) bool ¶
Checks if the provided
User
is a member of the AWS SSO group specified.The AWS SSO group’s display name must be given, and the method will check that the group exists and is accessible. An exception will be raised if not.
- Parameters
user – The
User
to check group membership of.group_name – The display name of the AWS SSO group.
- Returns
True if the
User
is a member of the specified AWS SSO group, False otherwise.- Raises
AWSSSOError – If no AWS SSO group with the given name exists.
- sym.sdk.integrations.aws_sso.list_accounts(organizational_unit_id: Optional[str] = None) List[dict] ¶
Returns a list of AWS accounts within the AWS SSO Organization that the AWS SSO Sym Integration is connected to, optionally filtered to the specified Organizational Unit.
The behavior of this function changes based on whether the
organizational_unit_id
parameter is specified, and if so what value is provided.If unspecified or set to
None
, this function will return all AWS accounts within your Organization.If a parent root ID (beginning with
r-
) is specified, this function will return all AWS accounts not mapped to any Organizational Unit.If an Organizational Unit ID (any other value) is specified, this function will return all AWS accounts mapped to that Organizational Unit only; accounts in child OUs of the specified OU will not be included.
- Parameters
organizational_unit_id – The ID of the parent root or Organizational Unit to filter by, or
None
to include all AWS accounts.- Returns
A list of dictionaries, with each dictionary representing an AWS account. The dictionaries follow the AWS Account object structure; see here for details.
- Raises
AWSSSOError – If the specified
organizational_unit_id
is invalid or does not exist, if and only iforganizational_unit_id
is specified.
- sym.sdk.integrations.aws_sso.list_groups() List[dict] ¶
Lists all the groups in the identity store of the AWS SSO account connected by an AWS SSO Sym Integration. See here for instructions on how to create an AWS SSO Integration.
- Returns
A list of dictionaries, with each dictionary representing a Group in AWS SSO’s Group structure. See here for details.
- sym.sdk.integrations.aws_sso.users_in_group(group_name: str) List[sym.sdk.user.User] ¶
Get all users from the specified AWS SSO group.
Warning: This method may only be used for groups that have 20 or fewer members.
The AWS SSO group’s display name must be given, and the method will check that the group exists and is accessible. An exception will be raised if not.
- Parameters
group_name – The display name of the AWS SSO group.
- Returns
A list of
User
- Raises
AWSSSOError – If no AWS SSO group with the given name exists or if the group has greater than 20 members.