sso-admin (IAM Identity Center (successor to Single Sign-On))

Implementation details for API sso-admin

Coverage Overview

IAM Identity Center (successor to Single Sign-On) (sso-admin) is supported by LocalStack only in the pro image.

AvailabilityTesting*
OperationImplementedImageInternal Test SuiteExternal Test SuiteTerraform ValidatedAWS ValidatedSnapshot TestedDetails
AttachCustomerManagedPolicyReferenceToPermissionSet✔️pro✔️
AttachManagedPolicyToPermissionSet✔️pro✔️
CreateAccountAssignment✔️pro✔️
CreateApplication
CreateApplicationAssignment
CreateInstance
CreateInstanceAccessControlAttributeConfiguration
CreatePermissionSet✔️pro✔️✔️Show Tests
CreateTrustedTokenIssuer
DeleteAccountAssignment✔️pro✔️
DeleteApplication
DeleteApplicationAccessScope
DeleteApplicationAssignment
DeleteApplicationAuthenticationMethod
DeleteApplicationGrant
DeleteInlinePolicyFromPermissionSet✔️pro✔️
DeleteInstance
DeleteInstanceAccessControlAttributeConfiguration
DeletePermissionSet✔️pro✔️
DeletePermissionsBoundaryFromPermissionSet
DeleteTrustedTokenIssuer
DescribeAccountAssignmentCreationStatus✔️pro✔️
DescribeAccountAssignmentDeletionStatus✔️pro✔️
DescribeApplication
DescribeApplicationAssignment
DescribeApplicationProvider
DescribeInstance
DescribeInstanceAccessControlAttributeConfiguration
DescribePermissionSet✔️pro✔️
DescribePermissionSetProvisioningStatus
DescribeTrustedTokenIssuer
DetachCustomerManagedPolicyReferenceFromPermissionSet✔️pro✔️
DetachManagedPolicyFromPermissionSet✔️pro✔️
GetApplicationAccessScope
GetApplicationAssignmentConfiguration
GetApplicationAuthenticationMethod
GetApplicationGrant
GetInlinePolicyForPermissionSet✔️pro✔️
GetPermissionsBoundaryForPermissionSet
ListAccountAssignmentCreationStatus
ListAccountAssignmentDeletionStatus
ListAccountAssignments✔️pro✔️
ListAccountAssignmentsForPrincipal✔️pro✔️
ListAccountsForProvisionedPermissionSet✔️pro
ListApplicationAccessScopes
ListApplicationAssignments
ListApplicationAssignmentsForPrincipal
ListApplicationAuthenticationMethods
ListApplicationGrants
ListApplicationProviders
ListApplications
ListCustomerManagedPolicyReferencesInPermissionSet✔️pro✔️
ListInstances✔️pro✔️
ListManagedPoliciesInPermissionSet✔️pro✔️
ListPermissionSetProvisioningStatus
ListPermissionSets✔️pro✔️✔️Show Tests
ListPermissionSetsProvisionedToAccount✔️pro
ListTagsForResource✔️pro✔️Show Tests
ListTrustedTokenIssuers
ProvisionPermissionSet✔️pro
PutApplicationAccessScope
PutApplicationAssignmentConfiguration
PutApplicationAuthenticationMethod
PutApplicationGrant
PutInlinePolicyToPermissionSet✔️pro✔️
PutPermissionsBoundaryToPermissionSet
TagResource
UntagResource
UpdateApplication
UpdateInstance✔️pro✔️
UpdateInstanceAccessControlAttributeConfiguration
UpdatePermissionSet✔️pro✔️
UpdateTrustedTokenIssuer

Terminology

  • Internal Test Suite: tested by LocalStack's internal integration test suite
  • External Test Suite: covered by an external integration test suite, that runs against LocalStack
  • Terraform Validated: operation tested with Terraform
  • AWS Validated: the integration test that includes this operation call was validated against AWS
  • Snapshot Tested: the operation is part of a snapshot parity test, which verifies the responses by LocalStack and AWS are the same

Testing Details

This section gives an overview about the internal integration test suite and the specific test cases that recorded the API call.

How to read the test details?

For each operation we put up a list of the related integration test cases.
Those operation calls have been recorded during the execution of the outlined test cases. Some calls might be internal, i.e., they are not explicitly called in the test, but are triggered implicitly by the LocalStack framework.

  • Parameters: The tests are ordered by the parameters used, which are highlighted in bold.
  • Test Details: LocalStack Community or LocalStack Pro indicates where the test originates. For each test you see:
    • test name
    • status code returned (which is the expected one for the test case)
    • information about validation:
      • AWS validated the test is validated against AWS, meaning it run successfully against real AWS as well
      • Snapshot Tested this is a snapshot parity test, meaning the responses are validated against AWS


CreatePermissionSet

Parameters: Description, InstanceArn, Name
  • LocalStack Pro
    • test_list_permission_sets LocalStack Pro: tests/aws/services/sso_admin/test_sso_admin.py::TestSsoAdmin::test_list_permission_sets HTTP Status Code: 200
Parameters: Description, InstanceArn, Name, Tags
  • LocalStack Pro
    • test_list_tags_for_resource_permission_set LocalStack Pro: tests/aws/services/sso_admin/test_sso_admin.py::TestSsoAdmin::test_list_tags_for_resource_permission_set HTTP Status Code: 200

ListPermissionSets

Parameters: InstanceArn
  • LocalStack Pro
    • test_list_permission_sets LocalStack Pro: tests/aws/services/sso_admin/test_sso_admin.py::TestSsoAdmin::test_list_permission_sets HTTP Status Code: 200

ListTagsForResource

Parameters: InstanceArn, ResourceArn
  • LocalStack Pro
    • test_list_tags_for_resource_permission_set LocalStack Pro: tests/aws/services/sso_admin/test_sso_admin.py::TestSsoAdmin::test_list_tags_for_resource_permission_set HTTP Status Code: 200

Last modified July 22, 2024: Update Parity Coverage Docs (#1393) (1200bd259)