Class: Aws::SSOAdmin::Types::PermissionsBoundary
- Inherits:
- 
      Struct
      
        - Object
- Struct
- Aws::SSOAdmin::Types::PermissionsBoundary
 
- Defined in:
- gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/types.rb
Overview
Specifies the configuration of the Amazon Web Services managed or
customer managed policy that you want to set as a permissions
boundary. Specify either CustomerManagedPolicyReference to use the
name and path of a customer managed policy, or ManagedPolicyArn to
use the ARN of an Amazon Web Services managed policy. A permissions
boundary represents the maximum permissions that any policy can grant
your role. For more information, see Permissions boundaries for IAM
entities in the IAM User Guide.
Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide.
Constant Summary collapse
- SENSITIVE =
- [] 
Instance Attribute Summary collapse
- 
  
    
      #customer_managed_policy_reference  ⇒ Types::CustomerManagedPolicyReference 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    Specifies the name and path of a customer managed policy. 
- 
  
    
      #managed_policy_arn  ⇒ String 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    The Amazon Web Services managed policy ARN that you want to attach to a permission set as a permissions boundary. 
Instance Attribute Details
#customer_managed_policy_reference ⇒ Types::CustomerManagedPolicyReference
Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each Amazon Web Services account where you want to deploy your permission set.
| 3671 3672 3673 3674 3675 3676 | # File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/types.rb', line 3671 class PermissionsBoundary < Struct.new( :customer_managed_policy_reference, :managed_policy_arn) SENSITIVE = [] include Aws::Structure end | 
#managed_policy_arn ⇒ String
The Amazon Web Services managed policy ARN that you want to attach to a permission set as a permissions boundary.
| 3671 3672 3673 3674 3675 3676 | # File 'gems/aws-sdk-ssoadmin/lib/aws-sdk-ssoadmin/types.rb', line 3671 class PermissionsBoundary < Struct.new( :customer_managed_policy_reference, :managed_policy_arn) SENSITIVE = [] include Aws::Structure end |