v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Steampipe logo 
Hub
Plugins
turbot/aws
Overview
496Tables
Versions
PowerpipeMods
GitHub
steampipe plugin install aws

Table: aws_ssoadmin_permission_set - Query AWS SSO Admin Permission Set using SQL

The AWS SSO Admin Permission Set is a component of AWS Single Sign-On (SSO) that defines the level of access that a user or group has to AWS resources. It holds a collection of permissions that can be used to restrict or allow actions on specific resources. AWS SSO Admin Permission Sets can be customized to suit specific needs, ensuring secure and efficient access management across your AWS environment.

Table Usage Guide

The aws_ssoadmin_permission_set table in Steampipe provides you with information about the permission sets associated with AWS Single Sign-On (SSO) service. This table allows you, as a DevOps engineer, to query permission set-specific details, including the permission set name, description, created date, and related metadata. You can utilize this table to gather insights on permission sets, such as the instances of each permission set, associated policies, and more. The schema outlines the various attributes of the permission set for you, including the permission set ARN, created date, session duration, and associated tags.

Examples

Basic info

Explore the details of AWS SSO permission sets, including when they were created and their current state. This information can be useful for auditing purposes, understanding access controls, or reviewing the configuration of your AWS environment.

select
  name,
  arn,
  created_date,
  description,
  relay_state,
  session_duration,
  tags
from
  aws_ssoadmin_permission_set;
select
  name,
  arn,
  created_date,
  description,
  relay_state,
  session_duration,
  tags
from
  aws_ssoadmin_permission_set;

Schema for aws_ssoadmin_permission_set

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntextThe ARN of the permission set.
created_datetimestamp with time zoneThe date that the permission set was created.
descriptiontextThe description of the permission set.
instance_arntext=The Amazon Resource Name (ARN) of the SSO Instance under which the operation will be executed.
nametextThe name of the permission set.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
relay_statetextUsed to redirect users within the application during the federation authentication process.
session_durationtextThe length of time that the application user sessions are valid for in the ISO-8601 standard.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tagsjsonbA map of tags for the resource.
tags_srcjsonb
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_ssoadmin_permission_set