SSOAdmin / Client / list_account_assignments

list_account_assignments

SSOAdmin.Client.list_account_assignments(**kwargs)

Lists the assignee of the specified Amazon Web Services account with the specified permission set.

See also: AWS API Documentation

Request Syntax

response = client.list_account_assignments(
    AccountId='string',
    InstanceArn='string',
    MaxResults=123,
    NextToken='string',
    PermissionSetArn='string'
)

Parameters:

• AccountId (string) –

  [REQUIRED]

  The identifier of the Amazon Web Services account from which to list the assignments.

• InstanceArn (string) –

  [REQUIRED]

  The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.

• MaxResults (integer) – The maximum number of results to display for the assignment.

• NextToken (string) – The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.

• PermissionSetArn (string) –

  [REQUIRED]

  The ARN of the permission set from which to list assignments.

Return type:

dict

Returns:

Response Syntax

{
    'AccountAssignments': [
        {
            'AccountId': 'string',
            'PermissionSetArn': 'string',
            'PrincipalId': 'string',
            'PrincipalType': 'USER'|'GROUP'
        },
    ],
    'NextToken': 'string'
}

Response Structure

• (dict) –

  • AccountAssignments (list) –

    The list of assignments that match the input Amazon Web Services account and permission set.

    • (dict) –

      The assignment that indicates a principal’s limited access to a specified Amazon Web Services account with a specified permission set.

      Note

      The term principal here refers to a user or group that is defined in IAM Identity Center.

      • AccountId (string) –

        The identifier of the Amazon Web Services account.

      • PermissionSetArn (string) –

        The ARN of the permission set. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.

      • PrincipalId (string) –

        An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the IAM Identity Center Identity Store API Reference.

      • PrincipalType (string) –

        The entity type for which the assignment will be created.

  • NextToken (string) –

    The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.

Exceptions

• SSOAdmin.Client.exceptions.ThrottlingException

• SSOAdmin.Client.exceptions.InternalServerException

• SSOAdmin.Client.exceptions.ResourceNotFoundException

• SSOAdmin.Client.exceptions.AccessDeniedException

• SSOAdmin.Client.exceptions.ValidationException