:doc:`IAM <../../iam>` / Client / put_role_permissions_boundary

*****************************
put_role_permissions_boundary
*****************************



.. py:method:: IAM.Client.put_role_permissions_boundary(**kwargs)

  

  Adds or updates the policy that is specified as the IAM role's permissions boundary. You can use an Amazon Web Services managed policy or a customer managed policy to set the boundary for a role. Use the boundary to control the maximum permissions that the role can have. Setting a permissions boundary is an advanced feature that can affect the permissions for the role.

   

  You cannot set the boundary for a service-linked role.

   

  .. warning::

     

    Policies used as permissions boundaries do not provide permissions. You must also attach a permissions policy to the role. To learn how the effective permissions for a role are evaluated, see `IAM JSON policy evaluation logic <https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html>`__ in the IAM User Guide.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary>`_  


  **Request Syntax**
  ::

    response = client.put_role_permissions_boundary(
        RoleName='string',
        PermissionsBoundary='string'
    )
    
  :type RoleName: string
  :param RoleName: **[REQUIRED]** 

    The name (friendly name, not ARN) of the IAM role for which you want to set the permissions boundary.

    

  
  :type PermissionsBoundary: string
  :param PermissionsBoundary: **[REQUIRED]** 

    The ARN of the managed policy that is used to set the permissions boundary for the role.

     

    A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see `Permissions boundaries for IAM entities <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html>`__ in the *IAM User Guide*.

     

    For more information about policy types, see `Policy types <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types>`__ in the *IAM User Guide*.

    

  
  
  :returns: None
  **Exceptions**
  
  *   :py:class:`IAM.Client.exceptions.NoSuchEntityException`

  
  *   :py:class:`IAM.Client.exceptions.InvalidInputException`

  
  *   :py:class:`IAM.Client.exceptions.UnmodifiableEntityException`

  
  *   :py:class:`IAM.Client.exceptions.PolicyNotAttachableException`

  
  *   :py:class:`IAM.Client.exceptions.ServiceFailureException`

  