PermissionsBoundary
import type { PermissionsBoundary } from "https://aws-api.deno.dev/v0.4/services/ssoadmin.ts?docs=full";
Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary.
Specify either CustomerManagedPolicyReference
to use the name and path of a customer managed policy, or ManagedPolicyArn
to use the ARN of an AWS managed policy.
A permissions boundary represents the maximum permissions that any policy can grant your role.
For more information, see Permissions boundaries for IAM entities in the IAM User Guide.
! IMPORTANT: ! Policies used as permissions boundaries don't provide permissions. ! You must also attach an IAM policy to the role. ! To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide.
§Properties
Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.