PermissionsBoundary¶
-
class
aws_cdk.aws_iam.
PermissionsBoundary
(*args: Any, **kwargs)¶ Bases:
object
Modify the Permissions Boundaries of Users and Roles in a construct tree.
Example:
policy = iam.ManagedPolicy.from_aws_managed_policy_name("ReadOnlyAccess") iam.PermissionsBoundary.of(self).apply(policy)
- ExampleMetadata
infused
Example:
# project: codebuild.Project iam.PermissionsBoundary.of(project).apply(codebuild.UntrustedCodeBoundaryPolicy(self, "Boundary"))
Methods
-
apply
(boundary_policy)¶ Apply the given policy as Permissions Boundary to all Roles and Users in the scope.
Will override any Permissions Boundaries configured previously; in case a Permission Boundary is applied in multiple scopes, the Boundary applied closest to the Role wins.
- Parameters
boundary_policy (
IManagedPolicy
) –- Return type
None
-
clear
()¶ Remove previously applied Permissions Boundaries.
- Return type
None
Static Methods
-
classmethod
of
(scope)¶ Access the Permissions Boundaries of a construct tree.
- Parameters
scope (
IConstruct
) –- Return type