group_memberships
Creates, updates, deletes or gets a group_membership resource or lists group_memberships in a region
Overview
| Name | group_memberships |
| Type | Resource |
| Description | Resource Type Definition for AWS:IdentityStore::GroupMembership |
| Id | awscc.identitystore.group_memberships |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
group_id | string | The unique identifier for a group in the identity store. |
identity_store_id | string | The globally unique identifier for the identity store. |
member_id | object | An object containing the identifier of a group member. |
membership_id | string | The identifier for a GroupMembership in the identity store. |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
identity_store_id | string | The globally unique identifier for the identity store. |
membership_id | string | The identifier for a GroupMembership in the identity store. |
region | string | AWS region. |
For more information, see AWS::IdentityStore::GroupMembership.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | group_memberships | INSERT | IdentityStoreId, GroupId, MemberId, region |
delete_resource | group_memberships | DELETE | Identifier, region |
list_resources | group_memberships_list_only | SELECT | region |
get_resource | group_memberships | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual group_membership.
SELECT
region,
group_id,
identity_store_id,
member_id,
membership_id
FROM awscc.identitystore.group_memberships
WHERE
region = 'us-east-1' AND
Identifier = '{{ membership_id }}|{{ identity_store_id }}';
Lists all group_memberships in a region.
SELECT
region,
membership_id,
identity_store_id
FROM awscc.identitystore.group_memberships_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new group_membership resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.identitystore.group_memberships (
GroupId,
IdentityStoreId,
MemberId,
region
)
SELECT
'{{ group_id }}',
'{{ identity_store_id }}',
'{{ member_id }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.identitystore.group_memberships (
GroupId,
IdentityStoreId,
MemberId,
region
)
SELECT
'{{ group_id }}',
'{{ identity_store_id }}',
'{{ member_id }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: group_membership
props:
- name: group_id
value: '{{ group_id }}'
- name: identity_store_id
value: '{{ identity_store_id }}'
- name: member_id
value:
user_id: '{{ user_id }}'
DELETE example
/*+ delete */
DELETE FROM awscc.identitystore.group_memberships
WHERE
Identifier = '{{ membership_id }}|{{ identity_store_id }}' AND
region = 'us-east-1';
Permissions
To operate on the group_memberships resource, the following permissions are required:
- Create
- Read
- Delete
- List
identitystore:CreateGroupMembership,
identitystore:DescribeGroupMembership
identitystore:DescribeGroupMembership
identitystore:DeleteGroupMembership,
identitystore:DescribeGroupMembership
identitystore:ListGroupMemberships