signin:CreateTrustedIdentityPropagationApplicationForConsole is a Write access-level action in the signin service. Grants permission to create an Identity Center application that represents the AWS Management Console on an Identity Center organization instance
This action does not support resource-level permissions; use "Resource": "*" in your policy.
No condition keys are documented for this action.
To use signin:CreateTrustedIdentityPropagationApplicationForConsole you may also need to grant:
A minimal policy that allows signin:CreateTrustedIdentityPropagationApplicationForConsole. Replace "Resource": "*" with a specific ARN to follow least privilege.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowSigninCreateTrustedIdentityPropagationApplicationForConsole",
"Effect": "Allow",
"Action": "signin:CreateTrustedIdentityPropagationApplicationForConsole",
"Resource": "*"
}
]
}