Skip to content
This repository has been archived by the owner on Nov 5, 2024. It is now read-only.

Add ability to filter SSO permission sets by name #473

Closed
stephenmuss opened this issue Feb 12, 2023 · 7 comments
Closed

Add ability to filter SSO permission sets by name #473

stephenmuss opened this issue Feb 12, 2023 · 7 comments
Assignees
@ashishdhingra
Labels
feature-request New feature or request service-api This issue pertains to the AWS API sso-admin

Comments

@stephenmuss
Copy link

Describe the feature

Currently using the sso-admin APIs it is not possible to find a permission set using its name.

list-permission-sets allows listing all permission sets but only returns the permission set ARN. It is then necessary to describe each permission set using the ARN to find one with the matching name.

Even in the case of the official AWS terraform provider, it is limited to this approach when using a data source and only providing the permission set name https://github.com/hashicorp/terraform-provider-aws/blob/b6cdb7681a24a97264aa3b1fb368bf1f37a10650/internal/service/ssoadmin/permission_set_data_source.go#L101-L148

This approach is fine in cases where there is only a handful of permission sets, but with a larger number it is far from ideal and limits effective automation.

Use case

Providing the ability to filter permission sets by name will make automation much simpler and effective when updating permission sets and assignments. Fetching a list of all permission sets and then describing them one by one is inefficient and slows down automation and increases load on AWS APIs unnecessarily.

Proposed solution

Ideally the API should provide the ability to filter permission sets based on the name, e.g. --filters AttributePath=Name,AttributeValue=ABC123

CLI version used

aws-cli/2.9.23 Python/3.11.2 Darwin/22.2.0 source/arm64

Environment details (OS name and version, etc.)

MacOS Darwin Kernel Version 22.2.0
@yenfryherrerafeliz yenfryherrerafeliz self-assigned this Feb 13, 2023
@yenfryherrerafeliz
Copy link

Hi @stephenmuss, thanks for opening this feature request. I have opened a ticket with the correspondent team with this feature request. I will provide updates regarding as soon as the team provides them.

Thanks!

@yenfryherrerafeliz
Copy link

V833883120

@yenfryherrerafeliz yenfryherrerafeliz added the service-api This issue pertains to the AWS API label Feb 13, 2023
@ashishdhingra
Copy link

Checked with service team for an update. Awaiting response.

@ashishdhingra
Copy link

Reached out to service team requesting for an update.

@rcrof
Copy link

rcrof commented Jul 24, 2024

Hi team, is there any update on this?

@tim-finnigan
Copy link
Contributor

Checking in - it looks like this is on the service team's roadmap. We can't provide guarantees as to if or when something like this would be implemented, but please refer to the blog and CHANGELOGs for further updates.

@github-actions GitHub Actions
Copy link

This issue is now closed.

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@ashishdhingra ashishdhingra

Labels
feature-request New feature or request service-api This issue pertains to the AWS API sso-admin
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@stephenmuss @yenfryherrerafeliz @ashishdhingra @tim-finnigan @rcrof