Attributes
Identity Attribute
Two JSON files distribute identities in IDHub: Account.json for accounts and Entitlement.json for entitlements.
Attribute Name | Attribute Type | Attribute Description |
---|---|---|
id | string | Unique Identifier of Identity |
name | string | Name of Identity |
endpoint | string | Endpoint name of Identity |
description | string | Description of Identity |
schema | string | Schema path of Identity |
Account Attribute
Below are the default attributes that Account.json can accommodate to fetch account-related information from the basic fields and tags of users present in your AWS instance.
Attribute Name | Attribute Type | Attribute Description | Required |
---|---|---|---|
arn | string | The ARN of the user | |
id | string | The unique ID for the user | |
city | string | The city in which the user is located. Maximum length is 128 characters. | |
companyName | string | The company name with which the user is associated. | |
country | string | The country/region in which the user is located. | |
department | string | The name for the department in which the user works. | |
displayName | string | The name displayed in the address book for the user. | Yes |
employeeId | string | The employee identifier assigned to the user by the organization. | |
employeeType | string | Captures enterprise worker type. | |
firstName | string | The given name (first name) of the user. | |
jobTitle | string | The user's job title. | |
mail | string | The SMTP address for the user. | |
mobilePhone | string | Primary cellular telephone number for the user. | |
path | string | The path of the user. | |
postalCode | string | The postal code for the user's postal address. | |
state | string | The state or province in the user's address. | |
streetAddress | string | The street address of the user's place of business. | |
lastName | string | The user's surname (family name or last name). | |
state | string | State or province in the user's address. | |
location | string | Location of user. | |
userName | string | The name of the user, which can be used for signing in to the AWS Management Console. | Yes |
Other Account Attributes
Other account attributes that the support team can include are listed here.
Attribute Name | Attribute Type | Attribute Description |
---|---|---|
CreateDate | string | Creation date of the user. |
ConsoleAccess | string | Password status of the user. |
Groups | string | Groups the user is a part of. |
AWSManagedPolicies | string | AWS Managed Policies directly assigned to the user. |
CustomerManagedPolicies | string | Customer Managed Policies directly assigned to the user. |
InlinePolicies | string | Inline Policies directly assigned to the user. |
Access Keys | string | Access keys associated with the user. |
AWS CodeCommit HTTPS Credential | string | AWS CodeCommit HTTPS Git credentials associated with the user. |
AWS CodeCommit SSH Keys | string | AWS CodeCommit SSH public keys associated with the user. |
Signing Certificates | string | Signing Certificates associated with the user. |
Multi-Factor Authentication Device | string | Multi-Factor Authentication device associated with the user. |
PasswordLastUsed | string | Password last used date of the user. |
AccessKeyLastUsed | string | Access key last used details of the user. |
Tags | string | Tag list in the format TagKey~TagValue pair |
Entitlement Attribute
Below are the default entitlement attributes that Entitlement.json can accommodate to fetch entitlements like Group, etc., from your AWS instance.
Attribute Name | Attribute Type | Attribute Description | Required |
---|---|---|---|
description | boolean | Description of entitlement | Yes |
displayName | string | Display Name of Entitlement. Maximum length: 256 characters | Yes |
entitlementArn | string | The ARN of the entitlement. | |
type | string | Indicate type of entitlement | Yes |
used as | string | Indicate mode of assignment of entitlement | Yes |
Other Entitlement Attributes
Other entitlement attributes that the support team can include are listed here.
Attribute Name | Attribute Type | Attribute Description |
---|---|---|
Type: Group | ||
GroupId | String | Unique ID of the group. |
Path | String | Path to the group. |
Create | String | Creation date of the group. |
AWSManagedPolicies | AWSManagedPolicy | AWS Managed Policies directly assigned to the group. |
CustomerManagedPolicies | CustomerManagedPolicy | Customer Managed Policies directly assigned to the group. |
InlinePolicies | InlinePolicy | Inline Policies directly assigned to the group. |
Type: AWSManagedPolicy | ||
PolicyId | String | The unique ID of the AWS managed policy. |
Path | String | The path to the AWS managed policy. |
CreateDate | String | The creation date of the AWS managed policy. |
UpdateDate | String | The last update date of the AWS managed policy. |
DefaultVersionId | String | The currently enabled version ID of the AWS managed policy. |
PolicyJSON | String | The JSON document for the AWS managed policy. |
Type: CustomerManagedPolicy | ||
PolicyId | String | The unique ID of the customer managed policy. |
CreateDate | String | The creation date of the customer managed policy. |
UpdateDate | String | The last update date of the customer managed policy. |
Path | String | The path to the customer managed policy. |
DefaultVersionId | String | The currently enabled version ID of the customer managed policy. |
PolicyJSON | String | The JSON document for the customer managed policy. |
PolicyGroups | String | Groups attached to the customer managed policy. |
PolicyRoles | String | Roles attached to the customer managed policy. |
Tags | String | Tag list in the format TagKey~TagValue pair |
Type: InlinePolicy | ||
Id | String | The unique ID of the policy. This is an Identity Attribute which must not be changed. |
PolicyJSON | String | The JSON document for the policy. |
Type: Role | ||
RoleId | String | The unique ID of the role. |
Path | String | Path to the Role. |
CreateDate | String | Creation date of the role. |
AWSManagedPolicies | AWSManagedPolicy | AWS Managed Policies directly assigned to the role. |
CustomerManagedPolicies | CustomerManagedPolicy | Customer Managed Policies directly assigned to the role. |
InlinePolicies | InlinePolicy | Inline Policies directly assigned to the role. |
TrustPolicyJSON | String | Trust Relationship Policy JSON. |
MaxSessionDuration | String | Maximum CLI/API session duration. |
Tags | String | Tag list in the format TagKey~TagValue pair |
Type: SCP | ||
SCPId | String | The unique ID of the Service Control Policy. |
AWSManaged | String | A boolean value that indicates whether the Service Control Policy is an AWS managed policy. |
PolicyJSON | String | The JSON document for the Service Control Policy. |
Tags | String | Tag list in the format TagKey~TagValue pair |
Type: AWSAccount | ||
AWSAccountId | String | The unique ID of the AWS account. |
 | String | The email address associated with the AWS account. |
Status | String | The status of the AWS account in the organization. |
JoinedMethod | String | The method by which the AWS account joined the organization. |
JoinedTimestamp | String | The date the AWS account became a part of the organization. |
OrganizationUnit | OrganizationUnit | Organization unit holding the AWS Account. |
Tags | String | Tag list in the format TagKey~TagValue pair |
Type: OrganizationUnit | ||
OUId | String | The unique ID of the Organization Unit. |
ServiceControlPolicies | SCP | Service Control Policies attached to the Organization Unit. |
Parent | OrganizationUnit | Parent Organization Unit. |
AWSAccounts | AWSAccount | AWS Accounts attached to the Organization Unit. |
Tags | String | Tag list in the format TagKey~TagValue pair |