UNPKG

@aws-cdk/aws-iam

Version:

CDK routines for easily assigning correct and minimal IAM permissions

github.com/aws/aws-cdk

aws/aws-cdk

32 lines (31 loc) 1.01 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
import { IConstruct } from 'constructs'; import { IManagedPolicy } from './managed-policy'; /** * Modify the Permissions Boundaries of Users and Roles in a construct tree * * ```ts * const policy = iam.ManagedPolicy.fromAwsManagedPolicyName('ReadOnlyAccess'); * iam.PermissionsBoundary.of(this).apply(policy); * ``` */ export declare class PermissionsBoundary { private readonly scope; /** * Access the Permissions Boundaries of a construct tree */ static of(scope: IConstruct): PermissionsBoundary; private constructor(); /** * Apply the given policy as Permissions Boundary to all Roles and Users in * the scope. * * Will override any Permissions Boundaries configured previously; in case * a Permission Boundary is applied in multiple scopes, the Boundary applied * closest to the Role wins. */ apply(boundaryPolicy: IManagedPolicy): void; /** * Remove previously applied Permissions Boundaries */ clear(): void; }