Copyright	(c) 2013-2023 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	Safe-Inferred
Language	Haskell2010

Amazonka.SSOAdmin.Types.PermissionsBoundary

Description

Documentation

data PermissionsBoundary Source #

Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either CustomerManagedPolicyReference to use the name and path of a customer managed policy, or ManagedPolicyArn to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see Permissions boundaries for IAM entities in the IAM User Guide.

Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide.

See: newPermissionsBoundary smart constructor.

Constructors

PermissionsBoundary'
Fields customerManagedPolicyReference :: Maybe CustomerManagedPolicyReference Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set. managedPolicyArn :: Maybe Text The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.

Instances

Instances details

FromJSON PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary Methods parseJSON :: Value -> Parser PermissionsBoundary # parseJSONList :: Value -> Parser [PermissionsBoundary] #
ToJSON PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary Methods toJSON :: PermissionsBoundary -> Value # toEncoding :: PermissionsBoundary -> Encoding # toJSONList :: [PermissionsBoundary] -> Value # toEncodingList :: [PermissionsBoundary] -> Encoding #
Generic PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary Associated Types type Rep PermissionsBoundary :: Type -> Type # Methods from :: PermissionsBoundary -> Rep PermissionsBoundary x # to :: Rep PermissionsBoundary x -> PermissionsBoundary #
Read PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary Methods readsPrec :: Int -> ReadS PermissionsBoundary # readList :: ReadS [PermissionsBoundary] # readPrec :: ReadPrec PermissionsBoundary # readListPrec :: ReadPrec [PermissionsBoundary] #
Show PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary Methods showsPrec :: Int -> PermissionsBoundary -> ShowS # show :: PermissionsBoundary -> String # showList :: [PermissionsBoundary] -> ShowS #
NFData PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary Methods rnf :: PermissionsBoundary -> () #
Eq PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary Methods (==) :: PermissionsBoundary -> PermissionsBoundary -> Bool # (/=) :: PermissionsBoundary -> PermissionsBoundary -> Bool #
Hashable PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary Methods hashWithSalt :: Int -> PermissionsBoundary -> Int # hash :: PermissionsBoundary -> Int #
type Rep PermissionsBoundary Source #
Instance details Defined in Amazonka.SSOAdmin.Types.PermissionsBoundary type Rep PermissionsBoundary = D1 ('MetaData "PermissionsBoundary" "Amazonka.SSOAdmin.Types.PermissionsBoundary" "amazonka-sso-admin-2.0-HhKPJAnDdA18B4mnMjNqZF" 'False) (C1 ('MetaCons "PermissionsBoundary'" 'PrefixI 'True) (S1 ('MetaSel ('Just "customerManagedPolicyReference") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe CustomerManagedPolicyReference)) :*: S1 ('MetaSel ('Just "managedPolicyArn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))))

newPermissionsBoundary :: PermissionsBoundary Source #

Create a value of PermissionsBoundary with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:customerManagedPolicyReference:PermissionsBoundary', permissionsBoundary_customerManagedPolicyReference - Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.

$sel:managedPolicyArn:PermissionsBoundary', permissionsBoundary_managedPolicyArn - The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.

permissionsBoundary_customerManagedPolicyReference :: Lens' PermissionsBoundary (Maybe CustomerManagedPolicyReference) Source #

Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.

permissionsBoundary_managedPolicyArn :: Lens' PermissionsBoundary (Maybe Text) Source #

The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.