FromRoleArnOptions
- class aws_cdk.aws_iam.FromRoleArnOptions(*, add_grants_to_resources=None, mutable=None)
Bases:
objectOptions allowing customizing the behavior of {@link Role.fromRoleArn}.
- Parameters
add_grants_to_resources (
Optional[bool]) – For immutable roles: add grants to resources instead of dropping them. If this isfalseor not specified, grant permissions added to this role are ignored. It is your own responsibility to make sure the role has the required permissions. If this istrue, any grant permissions will be added to the resource instead. Default: falsemutable (
Optional[bool]) – Whether the imported role can be modified by attaching policy resources to it. Default: true
- ExampleMetadata
infused
Example:
role = iam.Role.from_role_arn(self, "Role", "arn:aws:iam::123456789012:role/MyExistingRole", # Set 'mutable' to 'false' to use the role as-is and prevent adding new # policies to it. The default is 'true', which means the role may be # modified as part of the deployment. mutable=False )
Attributes
- add_grants_to_resources
add grants to resources instead of dropping them.
If this is
falseor not specified, grant permissions added to this role are ignored. It is your own responsibility to make sure the role has the required permissions.If this is
true, any grant permissions will be added to the resource instead.- Default
false
- Type
For immutable roles
- Return type
Optional[bool]
- mutable
Whether the imported role can be modified by attaching policy resources to it.
- Default
true
- Return type
Optional[bool]