PutUserPermissionsBoundary
Adds or updates the policy that is specified as the IAM user's permissions boundary. You can use an AWS managed policy or a customer managed policy to set the boundary for a user. Use the boundary to control the maximum permissions that the user can have. Setting a permissions boundary is an advanced feature that can affect the permissions for the user.
Policies that are used as permissions boundaries do not provide permissions. You must also attach a permissions policy to the user. To learn how the effective permissions for a user are evaluated, see IAM JSON Policy Evaluation Logic in the IAM User Guide.
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
- PermissionsBoundary
-
The ARN of the policy that is used to set the permissions boundary for the user.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: Yes
- UserName
-
The name (friendly name, not ARN) of the IAM user for which you want to set the permissions boundary.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[\w+=,.@-]+Required: Yes
Errors
For information about the errors that are common to all actions, see Common Errors.
- InvalidInput
-
The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
HTTP Status Code: 400
- NoSuchEntity
-
The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.
HTTP Status Code: 404
- PolicyNotAttachable
-
The request failed because AWS service role policies can only be attached to the service-linked role for that service.
HTTP Status Code: 400
- ServiceFailure
-
The request processing has failed because of an unknown error, exception or failure.
HTTP Status Code: 500
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
