IBM.IAM.AWS.SecurityToken.dll-Help.xml

<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh">
  <!-- Cmdlet: Set-AwsIbmSamlCredentials -->
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
    <command:details>
      <command:name>Set-AwsIbmSamlCredentials</command:name>
      <command:verb>Set</command:verb>
      <command:noun>AwsIbmSamlCredentials</command:noun>
      <maml:description>
        <maml:para>Authenticates a user against IBM IAM server to utilize roles granted in AWS via AWS PowerShell cmdlets.</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>Authenticates a user against IBM IAM server to utilize roles granted in AWS via AWS PowerShell cmdlets.</maml:para>
    </maml:description>
    <command:syntax>
      <!-- Parameter set: StoreOneRole -->
      <command:syntaxItem>
        <maml:name>Set-AwsIbmSamlCredentials</maml:name>
        <!-- Parameter: EndpointName -->
        <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="named">
          <maml:name>EndpointName</maml:name>
          <maml:description>
            <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: StoreAs -->
        <command:parameter required="true" globbing="false" pipelineInput="false" position="named">
          <maml:name>StoreAs</maml:name>
          <maml:description>
            <maml:para>Store a successful login into this profile name. Then use it with -ProfileName with AWS cmdlets.</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: AwsAccountId -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>AwsAccountId</maml:name>
          <maml:description>
            <maml:para>AWS account id to filter out roles only in a specific account.</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: Credential -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>Credential</maml:name>
          <maml:description>
            <maml:para>The credentials you want to use to auto-login to the IBM IAM server.</maml:para>
          </maml:description>
          <command:parameterValue required="true">PSCredential</command:parameterValue>
          <dev:type>
            <maml:name>System.Management.Automation.PSCredential</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: ErrorClass -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>ErrorClass</maml:name>
          <maml:description>
            <maml:para>Set what HTML class the ErrorElement will contain for a error response if there is a error from bad login. Default: error</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>error</dev:defaultValue>
        </command:parameter>
        <!-- Parameter: ErrorElement -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>ErrorElement</maml:name>
          <maml:description>
            <maml:para>Set what HTML element will contain a error response if there is a error from bad login. Default: P</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>p</dev:defaultValue>
        </command:parameter>
        <!-- Parameter: HelpFindResource -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>HelpFindResource</maml:name>
          <maml:description>
            <maml:para>Search for a specific keyword in a role to mark it as the default choice.</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: PrincipalARN -->
        <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named">
          <maml:name>PrincipalARN</maml:name>
          <maml:description>
            <maml:para>The AWS principal ARN for the role you want to assume.</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: ProfileLocation -->
        <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named">
          <maml:name>ProfileLocation</maml:name>
          <maml:description>
            <maml:para>Physical location to store authenticated profile.</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: ProxyAddress -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>ProxyAddress</maml:name>
          <maml:description>
            <maml:para>The address of the proxy in Url form. (https://proxy.example.corp:8080)</maml:para>
          </maml:description>
          <command:parameterValue required="true">Uri</command:parameterValue>
          <dev:type>
            <maml:name>System.Uri</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: ProxyBypassList -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>ProxyBypassList</maml:name>
          <maml:description>
            <maml:para>A address that does not use the proxy server.</maml:para>
          </maml:description>
          <command:parameterValue required="true">string[]</command:parameterValue>
          <dev:type>
            <maml:name>System.String[]</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: ProxyBypassOnLocal -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>ProxyBypassOnLocal</maml:name>
          <maml:description>
            <maml:para>Indicates whether to bypass the proxy server for local addresses.</maml:para>
          </maml:description>
          <command:parameterValue required="true">SwitchParameter</command:parameterValue>
          <dev:type>
            <maml:name>System.Management.Automation.SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <!-- Parameter: ProxyCredentials -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>ProxyCredentials</maml:name>
          <maml:description>
            <maml:para>The credentials of the web proxy.</maml:para>
          </maml:description>
          <command:parameterValue required="true">ICredentials</command:parameterValue>
          <dev:type>
            <maml:name>System.Net.ICredentials</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: RoleARN -->
        <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named">
          <maml:name>RoleARN</maml:name>
          <maml:description>
            <maml:para>The AWS role ARN for the role you want to assume.</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
        </command:parameter>
        <!-- Parameter: SecurityProtocol -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>SecurityProtocol</maml:name>
          <maml:description>
            <maml:para>Set what Security Protocol to use when connecting over HTTPS. Default: TLS 1.2</maml:para>
            <maml:para>Possible values: SystemDefault, Ssl3, Tls, Tls11, Tls12</maml:para>
          </maml:description>
          <command:parameterValue required="true">SecurityProtocolType</command:parameterValue>
          <dev:type>
            <maml:name>System.Net.SecurityProtocolType</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>Tls12</dev:defaultValue>
          <command:parameterValueGroup>
            <command:parameterValue required="false" variableLength="false">SystemDefault</command:parameterValue>
            <command:parameterValue required="false" variableLength="false">Ssl3</command:parameterValue>
            <command:parameterValue required="false" variableLength="false">Tls</command:parameterValue>
            <command:parameterValue required="false" variableLength="false">Tls11</command:parameterValue>
            <command:parameterValue required="false" variableLength="false">Tls12</command:parameterValue>
          </command:parameterValueGroup>
        </command:parameter>
        <!-- Parameter: SingleMatch -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>SingleMatch</maml:name>
          <maml:description>
            <maml:para>If only one role matches the value in HelpFindResource, then select that single role and don't ask the user which to use.</maml:para>
          </maml:description>
          <command:parameterValue required="true">SwitchParameter</command:parameterValue>
          <dev:type>
            <maml:name>System.Management.Automation.SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <!-- Parameter: STSEndpointRegion -->
        <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
          <maml:name>STSEndpointRegion</maml:name>
          <maml:description>
            <maml:para>Region to use when calling SecurityTokenService's AssumeRoleWithSAML. Default: us-east-2</maml:para>
          </maml:description>
          <command:parameterValue required="true">string</command:parameterValue>
          <dev:type>
            <maml:name>System.String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>us-east-2</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <!-- Parameter: EndpointName -->
      <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="named">
        <maml:name>EndpointName</maml:name>
        <maml:description>
          <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: PrincipalARN -->
      <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named">
        <maml:name>PrincipalARN</maml:name>
        <maml:description>
          <maml:para>The AWS principal ARN for the role you want to assume.</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: RoleARN -->
      <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named">
        <maml:name>RoleARN</maml:name>
        <maml:description>
          <maml:para>The AWS role ARN for the role you want to assume.</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: Credential -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>Credential</maml:name>
        <maml:description>
          <maml:para>The credentials you want to use to auto-login to the IBM IAM server.</maml:para>
        </maml:description>
        <command:parameterValue required="true">PSCredential</command:parameterValue>
        <dev:type>
          <maml:name>System.Management.Automation.PSCredential</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: StoreAs -->
      <command:parameter required="true" globbing="false" pipelineInput="false" position="named">
        <maml:name>StoreAs</maml:name>
        <maml:description>
          <maml:para>Store a successful login into this profile name. Then use it with -ProfileName with AWS cmdlets.</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: AwsAccountId -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>AwsAccountId</maml:name>
        <maml:description>
          <maml:para>AWS account id to filter out roles only in a specific account.</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: HelpFindResource -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>HelpFindResource</maml:name>
        <maml:description>
          <maml:para>Search for a specific keyword in a role to mark it as the default choice.</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: ProfileLocation -->
      <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named">
        <maml:name>ProfileLocation</maml:name>
        <maml:description>
          <maml:para>Physical location to store authenticated profile.</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: SingleMatch -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>SingleMatch</maml:name>
        <maml:description>
          <maml:para>If only one role matches the value in HelpFindResource, then select that single role and don't ask the user which to use.</maml:para>
        </maml:description>
        <command:parameterValue required="true">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>System.Management.Automation.SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <!-- Parameter: SecurityProtocol -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>SecurityProtocol</maml:name>
        <maml:description>
          <maml:para>Set what Security Protocol to use when connecting over HTTPS. Default: TLS 1.2</maml:para>
          <maml:para>Possible values: SystemDefault, Ssl3, Tls, Tls11, Tls12</maml:para>
        </maml:description>
        <command:parameterValue required="true">SecurityProtocolType</command:parameterValue>
        <dev:type>
          <maml:name>System.Net.SecurityProtocolType</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>Tls12</dev:defaultValue>
        <command:parameterValueGroup>
          <command:parameterValue required="false" variableLength="false">SystemDefault</command:parameterValue>
          <command:parameterValue required="false" variableLength="false">Ssl3</command:parameterValue>
          <command:parameterValue required="false" variableLength="false">Tls</command:parameterValue>
          <command:parameterValue required="false" variableLength="false">Tls11</command:parameterValue>
          <command:parameterValue required="false" variableLength="false">Tls12</command:parameterValue>
        </command:parameterValueGroup>
      </command:parameter>
      <!-- Parameter: ErrorElement -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>ErrorElement</maml:name>
        <maml:description>
          <maml:para>Set what HTML element will contain a error response if there is a error from bad login. Default: P</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>p</dev:defaultValue>
      </command:parameter>
      <!-- Parameter: ErrorClass -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>ErrorClass</maml:name>
        <maml:description>
          <maml:para>Set what HTML class the ErrorElement will contain for a error response if there is a error from bad login. Default: error</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>error</dev:defaultValue>
      </command:parameter>
      <!-- Parameter: STSEndpointRegion -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>STSEndpointRegion</maml:name>
        <maml:description>
          <maml:para>Region to use when calling SecurityTokenService's AssumeRoleWithSAML. Default: us-east-2</maml:para>
        </maml:description>
        <command:parameterValue required="true">string</command:parameterValue>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>us-east-2</dev:defaultValue>
      </command:parameter>
      <!-- Parameter: ProxyAddress -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>ProxyAddress</maml:name>
        <maml:description>
          <maml:para>The address of the proxy in Url form. (https://proxy.example.corp:8080)</maml:para>
        </maml:description>
        <command:parameterValue required="true">Uri</command:parameterValue>
        <dev:type>
          <maml:name>System.Uri</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: ProxyCredentials -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>ProxyCredentials</maml:name>
        <maml:description>
          <maml:para>The credentials of the web proxy.</maml:para>
        </maml:description>
        <command:parameterValue required="true">ICredentials</command:parameterValue>
        <dev:type>
          <maml:name>System.Net.ICredentials</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
      <!-- Parameter: ProxyBypassOnLocal -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>ProxyBypassOnLocal</maml:name>
        <maml:description>
          <maml:para>Indicates whether to bypass the proxy server for local addresses.</maml:para>
        </maml:description>
        <command:parameterValue required="true">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>System.Management.Automation.SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <!-- Parameter: ProxyBypassList -->
      <command:parameter required="false" globbing="false" pipelineInput="false" position="named">
        <maml:name>ProxyBypassList</maml:name>
        <maml:description>
          <maml:para>A address that does not use the proxy server.</maml:para>
        </maml:description>
        <command:parameterValue required="true">string[]</command:parameterValue>
        <dev:type>
          <maml:name>System.String[]</maml:name>
          <maml:uri />
        </dev:type>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
        <maml:description>
          <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
        <maml:description>
          <maml:para>The AWS principal ARN for the role you want to assume.</maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
        <maml:description>
          <maml:para>The AWS role ARN for the role you want to assume.</maml:para>
        </maml:description>
      </command:inputType>
      <command:inputType>
        <dev:type>
          <maml:name>System.String</maml:name>
          <maml:uri />
        </dev:type>
        <maml:description>
          <maml:para>Physical location to store authenticated profile.</maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <!-- OutputType: StoredInfo -->
      <command:returnValue>
        <dev:type>
          <maml:name>IBM.IAM.AWS.SecurityToken.SAML.StoredInfo</maml:name>
          <maml:uri />
        </dev:type>
        <maml:description>
          <maml:para>Results of the authentication attempt.</maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <command:examples>
      <command:example>
        <maml:title>---------- EXAMPLE 1 ----------</maml:title>
        <dev:code>$endpoint = 'https://sso.mycompany.com/saml20/logininitial'
Set-AWSSamlEndpoint -Endpoint $endpoint -StoreAs 'IBMEP'
Set-AwsIbmSamlCredentials -EndpointName 'IBMEP'</dev:code>
      </command:example>
      <command:example>
        <maml:title>---------- EXAMPLE 2 ----------</maml:title>
        <dev:code>$endpoint = 'https://sso.mycompany.com/saml20/logininitial'
Set-AWSSamlEndpoint -Endpoint $endpoint -StoreAs 'IBMEP'
Set-AwsIbmSamlCredentials -EndpointName 'IBMEP' -Credential (Get-Credential -UserName 'MyUsername' -Message 'IBM IAM SAML Server')</dev:code>
      </command:example>
    </command:examples>
  </command:command>
</helpItems>