IBM.IAM.AWS.SecurityToken.dll-Help.xml
|
<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh"> <!-- Cmdlet: Set-AwsIbmSamlCredentials --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Set-AwsIbmSamlCredentials</command:name> <command:verb>Set</command:verb> <command:noun>AwsIbmSamlCredentials</command:noun> <maml:description> <maml:para>Authenticates a user against IBM IAM server to utilize roles granted in AWS via AWS PowerShell cmdlets.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Authenticates a user against IBM IAM server to utilize roles granted in AWS via AWS PowerShell cmdlets.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: StoreOneRole --> <command:syntaxItem> <maml:name>Set-AwsIbmSamlCredentials</maml:name> <!-- Parameter: EndpointName --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>EndpointName</maml:name> <maml:description> <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AwsAccountId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AwsAccountId</maml:name> <maml:description> <maml:para>AWS account id to filter out roles only in a specific account.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Credential --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Credential</maml:name> <maml:description> <maml:para>The credentials you want to use to auto-login to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">PSCredential</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.PSCredential</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ErrorClass --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorClass</maml:name> <maml:description> <maml:para>Set what HTML class the ErrorElement will contain for a error response if there is a error from bad login. Default: error</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>error</dev:defaultValue> </command:parameter> <!-- Parameter: ErrorElement --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorElement</maml:name> <maml:description> <maml:para>Set what HTML element will contain a error response if there is a error from bad login. Default: P</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>p</dev:defaultValue> </command:parameter> <!-- Parameter: HelpFindResource --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>HelpFindResource</maml:name> <maml:description> <maml:para>Search for a specific keyword in a role to mark it as the default choice.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PrincipalARN --> <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named"> <maml:name>PrincipalARN</maml:name> <maml:description> <maml:para>The AWS principal ARN for the role you want to assume.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyAddress --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyAddress</maml:name> <maml:description> <maml:para>The address of the proxy in Url form. (https://proxy.example.corp:8080)</maml:para> </maml:description> <command:parameterValue required="true">Uri</command:parameterValue> <dev:type> <maml:name>System.Uri</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyBypassList --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassList</maml:name> <maml:description> <maml:para>A address that does not use the proxy server.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyBypassOnLocal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassOnLocal</maml:name> <maml:description> <maml:para>Indicates whether to bypass the proxy server for local addresses.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyCredentials --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyCredentials</maml:name> <maml:description> <maml:para>The credentials of the web proxy.</maml:para> </maml:description> <command:parameterValue required="true">ICredentials</command:parameterValue> <dev:type> <maml:name>System.Net.ICredentials</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RegionMap --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RegionMap</maml:name> <maml:description> <maml:para>Hashtable mapping containing role names to AWS region endpoint system names. Role names can be valid regex strings, first match is returned.</maml:para> </maml:description> <command:parameterValue required="true">Hashtable</command:parameterValue> <dev:type> <maml:name>System.Collections.Hashtable</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RoleARN --> <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named"> <maml:name>RoleARN</maml:name> <maml:description> <maml:para>The AWS role ARN for the role you want to assume.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityProtocol --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityProtocol</maml:name> <maml:description> <maml:para>Set what Security Protocol to use when connecting over HTTPS. Default: TLS 1.2</maml:para> <maml:para>Possible values: SystemDefault, Ssl3, Tls, Tls11, Tls12, Tls13</maml:para> </maml:description> <command:parameterValue required="true">SecurityProtocolType</command:parameterValue> <dev:type> <maml:name>System.Net.SecurityProtocolType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Tls12</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">SystemDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls13</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SingleMatch --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SingleMatch</maml:name> <maml:description> <maml:para>If only one role matches the value in HelpFindResource, then select that single role and don't ask the user which to use.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: StoreAs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>StoreAs</maml:name> <maml:description> <maml:para>Store a successful login into this profile name. Then use it with -ProfileName with AWS cmdlets.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: STSEndpointRegion --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>STSEndpointRegion</maml:name> <maml:description> <maml:para>Region to use when calling SecurityTokenService's AssumeRoleWithSAML. Default: us-east-2</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>us-east-2</dev:defaultValue> </command:parameter> <!-- Parameter: TokenDurationInMinutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenDurationInMinutes</maml:name> <maml:description> <maml:para>Duration in minutes how long the credentials session token will be valid for. UseAssertionDocumentDuration has precedence if set.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>60</dev:defaultValue> </command:parameter> <!-- Parameter: UseAssertionDocumentDuration --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>UseAssertionDocumentDuration</maml:name> <maml:description> <maml:para>Use the duration time that was applied for the SAML assertion document for the token duration.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: StoreAllRoles --> <command:syntaxItem> <maml:name>Set-AwsIbmSamlCredentials</maml:name> <!-- Parameter: EndpointName --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>EndpointName</maml:name> <maml:description> <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: StoreAllRoles --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>StoreAllRoles</maml:name> <maml:description> <maml:para>Assume role and store all roles in local AWS shared credential store</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AwsAccountId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AwsAccountId</maml:name> <maml:description> <maml:para>AWS account id to filter out roles only in a specific account.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Credential --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Credential</maml:name> <maml:description> <maml:para>The credentials you want to use to auto-login to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">PSCredential</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.PSCredential</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ErrorClass --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorClass</maml:name> <maml:description> <maml:para>Set what HTML class the ErrorElement will contain for a error response if there is a error from bad login. Default: error</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>error</dev:defaultValue> </command:parameter> <!-- Parameter: ErrorElement --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorElement</maml:name> <maml:description> <maml:para>Set what HTML element will contain a error response if there is a error from bad login. Default: P</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>p</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyAddress --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyAddress</maml:name> <maml:description> <maml:para>The address of the proxy in Url form. (https://proxy.example.corp:8080)</maml:para> </maml:description> <command:parameterValue required="true">Uri</command:parameterValue> <dev:type> <maml:name>System.Uri</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyBypassList --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassList</maml:name> <maml:description> <maml:para>A address that does not use the proxy server.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyBypassOnLocal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassOnLocal</maml:name> <maml:description> <maml:para>Indicates whether to bypass the proxy server for local addresses.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyCredentials --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyCredentials</maml:name> <maml:description> <maml:para>The credentials of the web proxy.</maml:para> </maml:description> <command:parameterValue required="true">ICredentials</command:parameterValue> <dev:type> <maml:name>System.Net.ICredentials</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RegionMap --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RegionMap</maml:name> <maml:description> <maml:para>Hashtable mapping containing role names to AWS region endpoint system names. Role names can be valid regex strings, first match is returned.</maml:para> </maml:description> <command:parameterValue required="true">Hashtable</command:parameterValue> <dev:type> <maml:name>System.Collections.Hashtable</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityProtocol --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityProtocol</maml:name> <maml:description> <maml:para>Set what Security Protocol to use when connecting over HTTPS. Default: TLS 1.2</maml:para> <maml:para>Possible values: SystemDefault, Ssl3, Tls, Tls11, Tls12, Tls13</maml:para> </maml:description> <command:parameterValue required="true">SecurityProtocolType</command:parameterValue> <dev:type> <maml:name>System.Net.SecurityProtocolType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Tls12</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">SystemDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls13</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: STSEndpointRegion --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>STSEndpointRegion</maml:name> <maml:description> <maml:para>Region to use when calling SecurityTokenService's AssumeRoleWithSAML. Default: us-east-2</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>us-east-2</dev:defaultValue> </command:parameter> <!-- Parameter: TokenDurationInMinutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenDurationInMinutes</maml:name> <maml:description> <maml:para>Duration in minutes how long the credentials session token will be valid for. UseAssertionDocumentDuration has precedence if set.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>60</dev:defaultValue> </command:parameter> <!-- Parameter: UseAssertionDocumentDuration --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>UseAssertionDocumentDuration</maml:name> <maml:description> <maml:para>Use the duration time that was applied for the SAML assertion document for the token duration.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: EndpointName --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>EndpointName</maml:name> <maml:description> <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PrincipalARN --> <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named"> <maml:name>PrincipalARN</maml:name> <maml:description> <maml:para>The AWS principal ARN for the role you want to assume.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RoleARN --> <command:parameter required="false" globbing="false" pipelineInput="true (ByPropertyName)" position="named"> <maml:name>RoleARN</maml:name> <maml:description> <maml:para>The AWS role ARN for the role you want to assume.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Credential --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Credential</maml:name> <maml:description> <maml:para>The credentials you want to use to auto-login to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">PSCredential</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.PSCredential</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: StoreAs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>StoreAs</maml:name> <maml:description> <maml:para>Store a successful login into this profile name. Then use it with -ProfileName with AWS cmdlets.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AwsAccountId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AwsAccountId</maml:name> <maml:description> <maml:para>AWS account id to filter out roles only in a specific account.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: HelpFindResource --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>HelpFindResource</maml:name> <maml:description> <maml:para>Search for a specific keyword in a role to mark it as the default choice.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SingleMatch --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SingleMatch</maml:name> <maml:description> <maml:para>If only one role matches the value in HelpFindResource, then select that single role and don't ask the user which to use.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: SecurityProtocol --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityProtocol</maml:name> <maml:description> <maml:para>Set what Security Protocol to use when connecting over HTTPS. Default: TLS 1.2</maml:para> <maml:para>Possible values: SystemDefault, Ssl3, Tls, Tls11, Tls12, Tls13</maml:para> </maml:description> <command:parameterValue required="true">SecurityProtocolType</command:parameterValue> <dev:type> <maml:name>System.Net.SecurityProtocolType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Tls12</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">SystemDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls13</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ErrorElement --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorElement</maml:name> <maml:description> <maml:para>Set what HTML element will contain a error response if there is a error from bad login. Default: P</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>p</dev:defaultValue> </command:parameter> <!-- Parameter: ErrorClass --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorClass</maml:name> <maml:description> <maml:para>Set what HTML class the ErrorElement will contain for a error response if there is a error from bad login. Default: error</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>error</dev:defaultValue> </command:parameter> <!-- Parameter: StoreAllRoles --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>StoreAllRoles</maml:name> <maml:description> <maml:para>Assume role and store all roles in local AWS shared credential store</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: STSEndpointRegion --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>STSEndpointRegion</maml:name> <maml:description> <maml:para>Region to use when calling SecurityTokenService's AssumeRoleWithSAML. Default: us-east-2</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>us-east-2</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyAddress --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyAddress</maml:name> <maml:description> <maml:para>The address of the proxy in Url form. (https://proxy.example.corp:8080)</maml:para> </maml:description> <command:parameterValue required="true">Uri</command:parameterValue> <dev:type> <maml:name>System.Uri</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyCredentials --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyCredentials</maml:name> <maml:description> <maml:para>The credentials of the web proxy.</maml:para> </maml:description> <command:parameterValue required="true">ICredentials</command:parameterValue> <dev:type> <maml:name>System.Net.ICredentials</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyBypassOnLocal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassOnLocal</maml:name> <maml:description> <maml:para>Indicates whether to bypass the proxy server for local addresses.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyBypassList --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassList</maml:name> <maml:description> <maml:para>A address that does not use the proxy server.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RegionMap --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RegionMap</maml:name> <maml:description> <maml:para>Hashtable mapping containing role names to AWS region endpoint system names. Role names can be valid regex strings, first match is returned.</maml:para> </maml:description> <command:parameterValue required="true">Hashtable</command:parameterValue> <dev:type> <maml:name>System.Collections.Hashtable</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TokenDurationInMinutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenDurationInMinutes</maml:name> <maml:description> <maml:para>Duration in minutes how long the credentials session token will be valid for. UseAssertionDocumentDuration has precedence if set.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>60</dev:defaultValue> </command:parameter> <!-- Parameter: UseAssertionDocumentDuration --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>UseAssertionDocumentDuration</maml:name> <maml:description> <maml:para>Use the duration time that was applied for the SAML assertion document for the token duration.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>The AWS principal ARN for the role you want to assume.</maml:para> </maml:description> </command:inputType> <command:inputType> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>The AWS role ARN for the role you want to assume.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: StoredInfo --> <command:returnValue> <dev:type> <maml:name>IBM.IAM.AWS.SecurityToken.SAML.StoredInfo</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Results of the authentication attempt.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$endpoint = 'https://sso.mycompany.com/saml20/logininitial' Set-AWSSamlEndpoint -Endpoint $endpoint -StoreAs 'IBMEP' Set-AwsIbmSamlCredentials -EndpointName 'IBMEP'</dev:code> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$endpoint = 'https://sso.mycompany.com/saml20/logininitial' Set-AWSSamlEndpoint -Endpoint $endpoint -StoreAs 'IBMEP' Set-AwsIbmSamlCredentials -EndpointName 'IBMEP' -Credential (Get-Credential -UserName 'MyUsername' -Message 'IBM IAM SAML Server') -RegionMap @{;"West_EU_"="eu-west-1";"West_"="us-west-1";"East_"="us-east-1"}</dev:code> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AwsIbmSamlRoles --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AwsIbmSamlRoles</command:name> <command:verb>Get</command:verb> <command:noun>AwsIbmSamlRoles</command:noun> <maml:description> <maml:para>Authenticates a user against IBM IAM server to utilize roles granted in AWS via AWS PowerShell cmdlets.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Authenticates a user against IBM IAM server to utilize roles granted in AWS via AWS PowerShell cmdlets.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-AwsIbmSamlRoles</maml:name> <!-- Parameter: EndpointName --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>EndpointName</maml:name> <maml:description> <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AwsAccountId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AwsAccountId</maml:name> <maml:description> <maml:para>AWS account id to filter out roles only in a specific account.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Credential --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Credential</maml:name> <maml:description> <maml:para>The credentials you want to use to auto-login to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">PSCredential</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.PSCredential</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ErrorClass --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorClass</maml:name> <maml:description> <maml:para>Set what HTML class the ErrorElement will contain for a error response if there is a error from bad login. Default: error</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>error</dev:defaultValue> </command:parameter> <!-- Parameter: ErrorElement --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorElement</maml:name> <maml:description> <maml:para>Set what HTML element will contain a error response if there is a error from bad login. Default: P</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>p</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyAddress --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyAddress</maml:name> <maml:description> <maml:para>The address of the proxy in Url form. (https://proxy.example.corp:8080)</maml:para> </maml:description> <command:parameterValue required="true">Uri</command:parameterValue> <dev:type> <maml:name>System.Uri</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyBypassList --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassList</maml:name> <maml:description> <maml:para>A address that does not use the proxy server.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyBypassOnLocal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassOnLocal</maml:name> <maml:description> <maml:para>Indicates whether to bypass the proxy server for local addresses.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyCredentials --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyCredentials</maml:name> <maml:description> <maml:para>The credentials of the web proxy.</maml:para> </maml:description> <command:parameterValue required="true">ICredentials</command:parameterValue> <dev:type> <maml:name>System.Net.ICredentials</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityProtocol --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityProtocol</maml:name> <maml:description> <maml:para>Set what Security Protocol to use when connecting over HTTPS. Default: TLS 1.2</maml:para> <maml:para>Possible values: SystemDefault, Ssl3, Tls, Tls11, Tls12, Tls13</maml:para> </maml:description> <command:parameterValue required="true">SecurityProtocolType</command:parameterValue> <dev:type> <maml:name>System.Net.SecurityProtocolType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Tls12</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">SystemDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls13</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: STSEndpointRegion --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>STSEndpointRegion</maml:name> <maml:description> <maml:para>Region to use when calling SecurityTokenService's AssumeRoleWithSAML. Default: us-east-2</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>us-east-2</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: EndpointName --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>EndpointName</maml:name> <maml:description> <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Credential --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Credential</maml:name> <maml:description> <maml:para>The credentials you want to use to auto-login to the IBM IAM server.</maml:para> </maml:description> <command:parameterValue required="true">PSCredential</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.PSCredential</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AwsAccountId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AwsAccountId</maml:name> <maml:description> <maml:para>AWS account id to filter out roles only in a specific account.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityProtocol --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityProtocol</maml:name> <maml:description> <maml:para>Set what Security Protocol to use when connecting over HTTPS. Default: TLS 1.2</maml:para> <maml:para>Possible values: SystemDefault, Ssl3, Tls, Tls11, Tls12, Tls13</maml:para> </maml:description> <command:parameterValue required="true">SecurityProtocolType</command:parameterValue> <dev:type> <maml:name>System.Net.SecurityProtocolType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Tls12</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">SystemDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ssl3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Tls13</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ErrorElement --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorElement</maml:name> <maml:description> <maml:para>Set what HTML element will contain a error response if there is a error from bad login. Default: P</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>p</dev:defaultValue> </command:parameter> <!-- Parameter: ErrorClass --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ErrorClass</maml:name> <maml:description> <maml:para>Set what HTML class the ErrorElement will contain for a error response if there is a error from bad login. Default: error</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>error</dev:defaultValue> </command:parameter> <!-- Parameter: STSEndpointRegion --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>STSEndpointRegion</maml:name> <maml:description> <maml:para>Region to use when calling SecurityTokenService's AssumeRoleWithSAML. Default: us-east-2</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>us-east-2</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyAddress --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyAddress</maml:name> <maml:description> <maml:para>The address of the proxy in Url form. (https://proxy.example.corp:8080)</maml:para> </maml:description> <command:parameterValue required="true">Uri</command:parameterValue> <dev:type> <maml:name>System.Uri</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyCredentials --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyCredentials</maml:name> <maml:description> <maml:para>The credentials of the web proxy.</maml:para> </maml:description> <command:parameterValue required="true">ICredentials</command:parameterValue> <dev:type> <maml:name>System.Net.ICredentials</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProxyBypassOnLocal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassOnLocal</maml:name> <maml:description> <maml:para>Indicates whether to bypass the proxy server for local addresses.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProxyBypassList --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProxyBypassList</maml:name> <maml:description> <maml:para>A address that does not use the proxy server.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>The name of the endpoint you gave when calling Set-AWSSamlEndpoint with your URL to the IBM IAM server.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: SAMLCredential --> <command:returnValue> <dev:type> <maml:name>IBM.IAM.AWS.SecurityToken.SAML.SAMLCredential</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>AWS Principal and Role ARNs</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$endpoint = 'https://sso.mycompany.com/saml20/logininitial' Set-AWSSamlEndpoint -Endpoint $endpoint -StoreAs 'IBMEP' Get-AwsIbmSamlRoles -EndpointName 'IBMEP'</dev:code> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$endpoint = 'https://sso.mycompany.com/saml20/logininitial' Set-AWSSamlEndpoint -Endpoint $endpoint -StoreAs 'IBMEP' Get-AwsIbmSamlRoles -EndpointName 'IBMEP' -Credential (Get-Credential -UserName 'MyUsername' -Message 'IBM IAM SAML Server')</dev:code> </command:example> </command:examples> </command:command> </helpItems> |