Policy Setting: AWS > IAM > Role > Boundary
Policies
This policy setting is dependent on the following policy types:
Source
resource "turbot_policy_setting" "aws_iam_role_boundary" { resource = turbot_policy_pack.main.id type = "tmod:@turbot/aws-iam#/policy/types/roleBoundary" template_input = <<EOT { resource { role_arn: get(path: "Arn") parent { turbot_iam_role: policyValue(uri: "tmod:@turbot/aws#/policy/types/turbotIamRole") { value } } } }EOT template = <<EOT {%- if $.resource.role_arn and $.resource.role_arn != $.resource.parent.turbot_iam_role.value -%}
"Check: Boundary > Policy" # "Enforce: Boundary > Policy"
{%- else -%}
"Skip"
{%- endif -%}EOT}