CloudKitext SSO Pattern

It is used for setting up SSO with Groups, Permissions and Account associations based on best practice recommendations. It will create the following PermissionSets:

  1. Administrator PermissionSet
  2. ViewOnly PermissionSet
  3. SourceCode PermissionSet
  4. SecurityAudit PermissionSet

It will create the following Groups:

  1. Admin Group
  2. Security Group
  3. Developer Group
  4. Network Group

It will perform the following assignments:

  1. Administrator group is assigned to all accounts
  2. Security group is assigned to security accounts
  3. Network group gets admin access to infrastructure account
  4. Developer group gets access to source code account

Default Alarms

Examples

Default Usage

new CpSSOSetup(this, "LogicalId", {
  cpNetworkAccountId: '1',
  cpDevLogArchiveAccountId: '2',
  cpProdLogArchiveAccountId: '3',
  cpSourceCodeAccountId: '4'
});

Custom Configuration

new CpSSOSetup(this, "LogicalId", {
  cpNetworkAccountId: '1',
  cpDevLogArchiveAccountId: '2',
  cpProdLogArchiveAccountId: '3',
  cpSourceCodeAccountId: '4',
  // ISO 8601 duration: 3 hours
  cpNetworkSessionDuration: 'PT3H'
});
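
The following is an added example, not code from the CloudKitext project: a check that can run over the props before they reach `CpSSOSetup`, so placeholder account ids or an out-of-range session duration are caught before deployment. The `SsoSetupProps` interface and both functions are hypothetical, and the 1 to 12 hour bound assumes `cpNetworkSessionDuration` is applied as an AWS IAM Identity Center permission-set session duration.

```typescript
// Added example: SsoSetupProps and both functions are hypothetical helpers.
// Only the five property names come from the page.
interface SsoSetupProps {
  cpNetworkAccountId: string;
  cpDevLogArchiveAccountId: string;
  cpProdLogArchiveAccountId: string;
  cpSourceCodeAccountId: string;
  cpNetworkSessionDuration?: string;
}

// Parse the time-only ISO 8601 subset (PTnHnMnS) into seconds; null if malformed.
function isoDurationToSeconds(value: string): number | null {
  const m = /^PT(?=\d)(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?$/.exec(value);
  if (!m) return null;
  return Number(m[1] || 0) * 3600 + Number(m[2] || 0) * 60 + Number(m[3] || 0);
}

// Return a list of problems; an empty list means the props look sane.
function validateSsoProps(props: SsoSetupProps): string[] {
  const errors: string[] = [];
  const ids: Array<[string, string]> = [
    ["cpNetworkAccountId", props.cpNetworkAccountId],
    ["cpDevLogArchiveAccountId", props.cpDevLogArchiveAccountId],
    ["cpProdLogArchiveAccountId", props.cpProdLogArchiveAccountId],
    ["cpSourceCodeAccountId", props.cpSourceCodeAccountId],
  ];
  for (const [name, id] of ids) {
    // AWS account ids are exactly 12 digits; strings keep any leading zeros.
    if (!/^\d{12}$/.test(id)) errors.push(`${name}: "${id}" is not a 12-digit account id`);
  }
  const duration = props.cpNetworkSessionDuration;
  if (duration !== undefined) {
    const seconds = isoDurationToSeconds(duration);
    if (seconds === null) {
      errors.push(`cpNetworkSessionDuration: "${duration}" is not a PTnHnMnS duration`);
    } else if (seconds < 3600 || seconds > 43200) {
      // Assumption: the value becomes a permission-set session duration (1 to 12 hours).
      errors.push(`cpNetworkSessionDuration: ${seconds}s is outside 1 to 12 hours`);
    }
  }
  return errors;
}

// Constructed sample input: the page's placeholder ids plus an over-long session.
const sampleErrors = validateSsoProps({
  cpNetworkAccountId: "1", cpDevLogArchiveAccountId: "2",
  cpProdLogArchiveAccountId: "3", cpSourceCodeAccountId: "4",
  cpNetworkSessionDuration: "PT13H",
});
console.log(sampleErrors.join("\n"));
```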

Compliance

It addresses the following compliance requirements

Hierarchy

  • Construct
    • CpSSOSetup

Constructors

  • Parameters

    Returns CpSSOSetup

Properties

adminGroup: CcGroup

Administrator Group

administratorAccess: CcPermissionSet

Administrator Permissions

developerGroup: CcGroup

Developers Group

networkGroup: CcGroup

Network Group

securityAuditAccess: CcPermissionSet

Security Audit Permissions

securityGroup: CcGroup

Security Group

sourceCodeAccess: CcPermissionSet

Source Code Repository Permissions

sso: CcSsoInstance

SSO Instance

viewOnlyAccess: CcPermissionSet

View only Permissions
