/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include namespace Aws { namespace Utils { namespace Json { class JsonValue; class JsonView; } // namespace Json } // namespace Utils namespace SSOAdmin { namespace Model { /** *

Specifies the configuration of the AWS managed or customer managed policy * that you want to set as a permissions boundary. Specify either * CustomerManagedPolicyReference to use the name and path of a * customer managed policy, or ManagedPolicyArn to use the ARN of an * AWS managed policy. A permissions boundary represents the maximum permissions * that any policy can grant your role. For more information, see Permissions * boundaries for IAM entities in the IAM User Guide.

*

Policies used as permissions boundaries don't provide permissions. You must * also attach an IAM policy to the role. To learn how the effective permissions * for a role are evaluated, see IAM * JSON policy evaluation logic in the IAM User Guide.

*

See Also:

AWS * API Reference

*/ class PermissionsBoundary { public: AWS_SSOADMIN_API PermissionsBoundary(); AWS_SSOADMIN_API PermissionsBoundary(Aws::Utils::Json::JsonView jsonValue); AWS_SSOADMIN_API PermissionsBoundary& operator=(Aws::Utils::Json::JsonView jsonValue); AWS_SSOADMIN_API Aws::Utils::Json::JsonValue Jsonize() const; /** *

Specifies the name and path of a customer managed policy. You must have an * IAM policy that matches the name and path in each AWS account where you want to * deploy your permission set.

*/ inline const CustomerManagedPolicyReference& GetCustomerManagedPolicyReference() const{ return m_customerManagedPolicyReference; } /** *

Specifies the name and path of a customer managed policy. You must have an * IAM policy that matches the name and path in each AWS account where you want to * deploy your permission set.

*/ inline bool CustomerManagedPolicyReferenceHasBeenSet() const { return m_customerManagedPolicyReferenceHasBeenSet; } /** *

Specifies the name and path of a customer managed policy. You must have an * IAM policy that matches the name and path in each AWS account where you want to * deploy your permission set.

*/ inline void SetCustomerManagedPolicyReference(const CustomerManagedPolicyReference& value) { m_customerManagedPolicyReferenceHasBeenSet = true; m_customerManagedPolicyReference = value; } /** *

Specifies the name and path of a customer managed policy. You must have an * IAM policy that matches the name and path in each AWS account where you want to * deploy your permission set.

*/ inline void SetCustomerManagedPolicyReference(CustomerManagedPolicyReference&& value) { m_customerManagedPolicyReferenceHasBeenSet = true; m_customerManagedPolicyReference = std::move(value); } /** *

Specifies the name and path of a customer managed policy. You must have an * IAM policy that matches the name and path in each AWS account where you want to * deploy your permission set.

*/ inline PermissionsBoundary& WithCustomerManagedPolicyReference(const CustomerManagedPolicyReference& value) { SetCustomerManagedPolicyReference(value); return *this;} /** *

Specifies the name and path of a customer managed policy. You must have an * IAM policy that matches the name and path in each AWS account where you want to * deploy your permission set.

*/ inline PermissionsBoundary& WithCustomerManagedPolicyReference(CustomerManagedPolicyReference&& value) { SetCustomerManagedPolicyReference(std::move(value)); return *this;} /** *

The AWS managed policy ARN that you want to attach to a permission set as a * permissions boundary.

*/ inline const Aws::String& GetManagedPolicyArn() const{ return m_managedPolicyArn; } /** *

The AWS managed policy ARN that you want to attach to a permission set as a * permissions boundary.

*/ inline bool ManagedPolicyArnHasBeenSet() const { return m_managedPolicyArnHasBeenSet; } /** *

The AWS managed policy ARN that you want to attach to a permission set as a * permissions boundary.

*/ inline void SetManagedPolicyArn(const Aws::String& value) { m_managedPolicyArnHasBeenSet = true; m_managedPolicyArn = value; } /** *

The AWS managed policy ARN that you want to attach to a permission set as a * permissions boundary.

*/ inline void SetManagedPolicyArn(Aws::String&& value) { m_managedPolicyArnHasBeenSet = true; m_managedPolicyArn = std::move(value); } /** *

The AWS managed policy ARN that you want to attach to a permission set as a * permissions boundary.

*/ inline void SetManagedPolicyArn(const char* value) { m_managedPolicyArnHasBeenSet = true; m_managedPolicyArn.assign(value); } /** *

The AWS managed policy ARN that you want to attach to a permission set as a * permissions boundary.

*/ inline PermissionsBoundary& WithManagedPolicyArn(const Aws::String& value) { SetManagedPolicyArn(value); return *this;} /** *

The AWS managed policy ARN that you want to attach to a permission set as a * permissions boundary.

*/ inline PermissionsBoundary& WithManagedPolicyArn(Aws::String&& value) { SetManagedPolicyArn(std::move(value)); return *this;} /** *

The AWS managed policy ARN that you want to attach to a permission set as a * permissions boundary.

*/ inline PermissionsBoundary& WithManagedPolicyArn(const char* value) { SetManagedPolicyArn(value); return *this;} private: CustomerManagedPolicyReference m_customerManagedPolicyReference; bool m_customerManagedPolicyReferenceHasBeenSet = false; Aws::String m_managedPolicyArn; bool m_managedPolicyArnHasBeenSet = false; }; } // namespace Model } // namespace SSOAdmin } // namespace Aws