/
FromRoleArnOptions.go
39 lines (36 loc) · 1.71 KB
/
FromRoleArnOptions.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
package awsiam
// Options allowing customizing the behavior of `Role.fromRoleArn`.
//
// Example:
// role := iam.Role_FromRoleArn(this, jsii.String("Role"), jsii.String("arn:aws:iam::123456789012:role/MyExistingRole"), &FromRoleArnOptions{
// // Set 'mutable' to 'false' to use the role as-is and prevent adding new
// // policies to it. The default is 'true', which means the role may be
// // modified as part of the deployment.
// Mutable: jsii.Boolean(false),
// })
//
type FromRoleArnOptions struct {
// For immutable roles: add grants to resources instead of dropping them.
//
// If this is `false` or not specified, grant permissions added to this role are ignored.
// It is your own responsibility to make sure the role has the required permissions.
//
// If this is `true`, any grant permissions will be added to the resource instead.
// Default: false.
//
AddGrantsToResources *bool `field:"optional" json:"addGrantsToResources" yaml:"addGrantsToResources"`
// Any policies created by this role will use this value as their ID, if specified.
//
// Specify this if importing the same role in multiple stacks, and granting it
// different permissions in at least two stacks. If this is not specified
// (or if the same name is specified in more than one stack),
// a CloudFormation issue will result in the policy created in whichever stack
// is deployed last overwriting the policies created by the others.
// Default: 'Policy'.
//
DefaultPolicyName *string `field:"optional" json:"defaultPolicyName" yaml:"defaultPolicyName"`
// Whether the imported role can be modified by attaching policy resources to it.
// Default: true.
//
Mutable *bool `field:"optional" json:"mutable" yaml:"mutable"`
}