class PermissionsBoundary
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.IAM.PermissionsBoundary |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awsiam#PermissionsBoundary |
 Java | software.amazon.awscdk.services.iam.PermissionsBoundary |
 Python | aws_cdk.aws_iam.PermissionsBoundary |
 TypeScript (source) | aws-cdk-lib » aws_iam » PermissionsBoundary |
Modify the Permissions Boundaries of Users and Roles in a construct tree.
const policy = iam.ManagedPolicy.fromAwsManagedPolicyName('ReadOnlyAccess');
iam.PermissionsBoundary.of(this).apply(policy);
Example
declare const project: codebuild.Project;
iam.PermissionsBoundary.of(project).apply(new codebuild.UntrustedCodeBoundaryPolicy(this, 'Boundary'));
Methods
| Name | Description |
|---|---|
| apply(boundaryPolicy) | Apply the given policy as Permissions Boundary to all Roles and Users in the scope. |
| clear() | Remove previously applied Permissions Boundaries. |
| static of(scope) | Access the Permissions Boundaries of a construct tree. |
apply(boundaryPolicy)
public apply(boundaryPolicy: IManagedPolicy): void
Parameters
- boundaryPolicy
IManagedPolicy
Apply the given policy as Permissions Boundary to all Roles and Users in the scope.
Will override any Permissions Boundaries configured previously; in case a Permission Boundary is applied in multiple scopes, the Boundary applied closest to the Role wins.
clear()
public clear(): void
Remove previously applied Permissions Boundaries.
static of(scope)
public static of(scope: IConstruct): PermissionsBoundary
Parameters
- scope
IConstruct
Returns
Access the Permissions Boundaries of a construct tree.