Class X8SSOSetup

Construct to set up AWS SSO. It is used for setting up SSO with Groups, Permissions and Account associations based on best practice recommendations. It will create the following PermissionSets

1. Administrator PermissionSet
2. ViewOnly PermissionSet
3. SourceCode PermissionSet
4. SecurityAudit PermissionSet

It will create the following Groups

1. Admin Group
2. Security Group
3. Developer Group
4. Network Group

It will perform the following assignments

1. Administrator group is assigned to all accounts
2. Security group is assigned to security accounts
3. Network group gets admin access to infrastructure account
4. Developer group get access to source code account

Default Usage

new X8SSOSetup(this, "LogicalId", {
    x8NetworkAccountId: '1',
    x8DevLogArchiveAccountId: '2',
    x8ProdLogArchiveAccountId: '3',
    x8SourceCodeAccountId: '4'
});

Custom Configuration

new X8SSOSetup(this, "LogicalId", {
   x8NetworkAccountId: '1',
    x8DevLogArchiveAccountId: '2',
    x8ProdLogArchiveAccountId: '3',
    x8SourceCodeAccountId: '4',
    x8NetworkSessionDuration: 'PT3H'
});

It addresses the following compliance requirements