Package software.amazon.awscdk.services.sso

Interface CfnPermissionSet.PermissionsBoundaryProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnPermissionSet.PermissionsBoundaryProperty.Jsii$Proxy

Enclosing class:

CfnPermissionSet

@Stability(Stable)
public static interface CfnPermissionSet.PermissionsBoundaryProperty
extends software.amazon.jsii.JsiiSerializable

Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.

Specify either CustomerManagedPolicyReference to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide .

Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide .

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.sso.*;
 PermissionsBoundaryProperty permissionsBoundaryProperty = PermissionsBoundaryProperty.builder()
         .customerManagedPolicyReference(CustomerManagedPolicyReferenceProperty.builder()
                 .name("name")
                 // the properties below are optional
                 .path("path")
                 .build())
         .managedPolicyArn("managedPolicyArn")
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnPermissionSet.PermissionsBoundaryProperty.Builder	A builder for CfnPermissionSet.PermissionsBoundaryProperty
static final class	CfnPermissionSet.PermissionsBoundaryProperty.Jsii$Proxy	An implementation for CfnPermissionSet.PermissionsBoundaryProperty

Method Summary

Modifier and Type	Method	Description
static CfnPermissionSet.PermissionsBoundaryProperty.Builder	builder()
default Object	getCustomerManagedPolicyReference()	Specifies the name and path of a customer managed policy.
default String	getManagedPolicyArn()	The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getCustomerManagedPolicyReference

@Stability(Stable)
@Nullable
default Object getCustomerManagedPolicyReference()

Specifies the name and path of a customer managed policy.

You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.

getManagedPolicyArn

@Stability(Stable)
@Nullable
default String getManagedPolicyArn()

The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.

builder

@Stability(Stable)
static CfnPermissionSet.PermissionsBoundaryProperty.Builder builder()

Returns:

a CfnPermissionSet.PermissionsBoundaryProperty.Builder of CfnPermissionSet.PermissionsBoundaryProperty