# PutRolePermissionsBoundary Adds or updates the policy that is specified as the IAM role's permissions boundary. You can use an AWS managed policy or a customer managed policy to set the boundary for a role. Use the boundary to control the maximum permissions that the role can have. Setting a permissions boundary is an advanced feature that can affect the permissions for the role. You cannot set the boundary for a service-linked role. **Important** Policies used as permissions boundaries do not provide permissions. You must also attach a permissions policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the IAM User Guide. ## Request Parameters For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md). ** PermissionsBoundary ** The ARN of the managed policy that is used to set the permissions boundary for the role. A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide*. For more information about policy types, see [Policy types ](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide*. Type: String Length Constraints: Minimum length of 20. Maximum length of 2048. Required: Yes ** RoleName ** The name (friendly name, not ARN) of the IAM role for which you want to set the permissions boundary. Type: String Length Constraints: Minimum length of 1. Maximum length of 64. Pattern: `[\w+=,.@-]+` Required: Yes ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** InvalidInput ** The request was rejected because an invalid or out-of-range value was supplied for an input parameter. HTTP Status Code: 400 ** NoSuchEntity ** The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource. HTTP Status Code: 404 ** PolicyNotAttachable ** The request failed because AWS service role policies can only be attached to the service-linked role for that service. HTTP Status Code: 400 ** ServiceFailure ** The request processing has failed because of an unknown error, exception or failure. HTTP Status Code: 500 ** UnmodifiableEntity ** The request was rejected because service-linked roles are protected AWS resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/iam-2010-05-08/PutRolePermissionsBoundary) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/iam-2010-05-08/PutRolePermissionsBoundary)