-
Notifications
You must be signed in to change notification settings - Fork 17
/
PermissionsBoundary.go
75 lines (64 loc) · 1.83 KB
/
PermissionsBoundary.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
package awsiam
import (
_init_ "github.com/aws/aws-cdk-go/awscdk/v2/jsii"
_jsii_ "github.com/aws/jsii-runtime-go/runtime"
"github.com/aws/constructs-go/constructs/v10"
)
// Modify the Permissions Boundaries of Users and Roles in a construct tree.
//
// ```ts
// const policy = iam.ManagedPolicy.fromAwsManagedPolicyName('ReadOnlyAccess');
// iam.PermissionsBoundary.of(this).apply(policy);
// ```.
//
// Example:
// var project project
//
// iam.PermissionsBoundary_Of(project).Apply(codebuild.NewUntrustedCodeBoundaryPolicy(this, jsii.String("Boundary")))
//
type PermissionsBoundary interface {
// Apply the given policy as Permissions Boundary to all Roles and Users in the scope.
//
// Will override any Permissions Boundaries configured previously; in case
// a Permission Boundary is applied in multiple scopes, the Boundary applied
// closest to the Role wins.
Apply(boundaryPolicy IManagedPolicy)
// Remove previously applied Permissions Boundaries.
Clear()
}
// The jsii proxy struct for PermissionsBoundary
type jsiiProxy_PermissionsBoundary struct {
_ byte // padding
}
// Access the Permissions Boundaries of a construct tree.
func PermissionsBoundary_Of(scope constructs.IConstruct) PermissionsBoundary {
_init_.Initialize()
if err := validatePermissionsBoundary_OfParameters(scope); err != nil {
panic(err)
}
var returns PermissionsBoundary
_jsii_.StaticInvoke(
"aws-cdk-lib.aws_iam.PermissionsBoundary",
"of",
[]interface{}{scope},
&returns,
)
return returns
}
func (p *jsiiProxy_PermissionsBoundary) Apply(boundaryPolicy IManagedPolicy) {
if err := p.validateApplyParameters(boundaryPolicy); err != nil {
panic(err)
}
_jsii_.InvokeVoid(
p,
"apply",
[]interface{}{boundaryPolicy},
)
}
func (p *jsiiProxy_PermissionsBoundary) Clear() {
_jsii_.InvokeVoid(
p,
"clear",
nil, // no parameters
)
}