FromRoleArnOptions
- class aws_cdk.aws_iam.FromRoleArnOptions(*, add_grants_to_resources=None, mutable=None)
Bases:
objectOptions allowing customizing the behavior of {@link Role.fromRoleArn}.
- Parameters:
add_grants_to_resources (
Optional[bool]) – For immutable roles: add grants to resources instead of dropping them. If this isfalseor not specified, grant permissions added to this role are ignored. It is your own responsibility to make sure the role has the required permissions. If this istrue, any grant permissions will be added to the resource instead. Default: falsemutable (
Optional[bool]) – Whether the imported role can be modified by attaching policy resources to it. Default: true
- ExampleMetadata:
infused
Example:
role = iam.Role.from_role_arn(self, "Role", "arn:aws:iam::123456789012:role/MyExistingRole", # Set 'mutable' to 'false' to use the role as-is and prevent adding new # policies to it. The default is 'true', which means the role may be # modified as part of the deployment. mutable=False )
Attributes
- add_grants_to_resources
add grants to resources instead of dropping them.
If this is
falseor not specified, grant permissions added to this role are ignored. It is your own responsibility to make sure the role has the required permissions.If this is
true, any grant permissions will be added to the resource instead.- Default:
false
- Type:
For immutable roles
- mutable
Whether the imported role can be modified by attaching policy resources to it.
- Default:
true