PermissionsBoundary

class aws_cdk.aws_iam.PermissionsBoundary(*args: Any, **kwargs)

Bases: object

Modify the Permissions Boundaries of Users and Roles in a construct tree.

Example:

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
policy = ManagedPolicy.from_aws_managed_policy_name("ReadOnlyAccess")
PermissionsBoundary.of(stack).apply(policy)

Methods

apply(boundary_policy)

Apply the given policy as Permissions Boundary to all Roles and Users in the scope.

Will override any Permissions Boundaries configured previously; in case a Permission Boundary is applied in multiple scopes, the Boundary applied closest to the Role wins.

Parameters

boundary_policy (IManagedPolicy) –

Return type

None

clear()

Remove previously applied Permissions Boundaries.

Return type

None

Static Methods

classmethod of(scope)

Access the Permissions Boundaries of a construct tree.

Parameters

scope (IConstruct) –

Return type

PermissionsBoundary