Class FromRoleArnOptions
Options allowing customizing the behavior of Role.fromRoleArn
.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class FromRoleArnOptions : Object, IFromRoleArnOptions
Syntax (vb)
Public Class FromRoleArnOptions
Inherits Object
Implements IFromRoleArnOptions
Remarks
ExampleMetadata: infused
Examples
var role = Role.FromRoleArn(this, "Role", "arn:aws:iam::123456789012:role/MyExistingRole", new FromRoleArnOptions {
// Set 'mutable' to 'false' to use the role as-is and prevent adding new
// policies to it. The default is 'true', which means the role may be
// modified as part of the deployment.
Mutable = false
});
Synopsis
Constructors
FromRoleArnOptions() |
Properties
AddGrantsToResources | For immutable roles: add grants to resources instead of dropping them. |
DefaultPolicyName | Any policies created by this role will use this value as their ID, if specified. |
Mutable | Whether the imported role can be modified by attaching policy resources to it. |
Constructors
FromRoleArnOptions()
public FromRoleArnOptions()
Properties
AddGrantsToResources
For immutable roles: add grants to resources instead of dropping them.
public Nullable<bool> AddGrantsToResources { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
If this is false
or not specified, grant permissions added to this role are ignored.
It is your own responsibility to make sure the role has the required permissions.
If this is true
, any grant permissions will be added to the resource instead.
Default: false
DefaultPolicyName
Any policies created by this role will use this value as their ID, if specified.
public string DefaultPolicyName { get; set; }
Property Value
System.String
Remarks
Specify this if importing the same role in multiple stacks, and granting it different permissions in at least two stacks. If this is not specified (or if the same name is specified in more than one stack), a CloudFormation issue will result in the policy created in whichever stack is deployed last overwriting the policies created by the others.
Default: 'Policy'
Mutable
Whether the imported role can be modified by attaching policy resources to it.
public Nullable<bool> Mutable { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: true