Umer

Reputation: 250

How to name a custom managed policy created using cloudformation template

I can successfully create a custom IAM policy (managed) using the template below:

"IAMPolicy2": {
  "Type": "AWS::IAM::ManagedPolicy",
  "Properties": {
    "PolicyDocument": {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:Get*",
            "s3:List*"
          ],
          "Resource": [
            {
              "Fn::Join": [
                "",
                [
                  "arn:aws:s3:::",
                  {
                    "Ref": "S3Bucket"
                  }
                ]
              ]
            },
            {
              "Fn::Join": [
                "",
                [
                  "arn:aws:s3:::",
                  {
                    "Ref": "S3Bucket"
                  },
                  "/*"
                ]
              ]
            }
          ]
        }
      ]
    },
    "Users": [
      {
        "Ref": "IAMUser2"
      }
    ]
  }
}

But when I try to add the "PolicyName": "test2" tag to the template, I get this error:

Encountered unsupported property PolicyName

Is there a way I can set any name for my custom managed policy?

Upvotes: 2

Views: 3516

Answers (3)

midhun k

Reputation: 11

You can refer to the AWS document below: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html

{
  "Type" : "AWS::IAM::ManagedPolicy",
  "Properties" : {
      "Description" : String,
      "Groups" : [ String, ... ],
      "ManagedPolicyName" : String,
      "Path" : String,
      "PolicyDocument" : Json,
      "Roles" : [ String, ... ],
      "Users" : [ String, ... ]
    }
}

As per the configuration skeleton, it's not "PolicyName". For a managed policy we have to use "ManagedPolicyName" instead.

AWS CloudFormation is well documented, so any issue related to syntax you can figure out from the official docs only.

Upvotes: 0
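An added example, not part of the answer above or of AWS's own tooling: a small check that compares each AWS::IAM::ManagedPolicy resource in a template against the property names in the skeleton quoted above, and reports when the template assigns its own policy name. The sample template, the IAMPolicy3 resource and the bucket ARN are constructed for illustration.

```python
import json

# Property names from the AWS::IAM::ManagedPolicy skeleton quoted in the answer.
MANAGED_POLICY_PROPS = {
    "Description", "Groups", "ManagedPolicyName", "Path",
    "PolicyDocument", "Roles", "Users",
}

def check_managed_policies(template: dict) -> dict:
    """Flag unsupported properties and list policies that carry a custom name."""
    findings, custom_named = [], []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::IAM::ManagedPolicy":
            continue
        props = res.get("Properties", {})
        for name in sorted(set(props) - MANAGED_POLICY_PROPS):
            hint = " (use ManagedPolicyName)" if name == "PolicyName" else ""
            findings.append(f"{logical_id}: unsupported property {name}{hint}")
        if "ManagedPolicyName" in props:
            custom_named.append(logical_id)
    return {
        "findings": findings,
        "custom_named": custom_named,
        # A template that gives IAM resources custom names must be deployed
        # with the CAPABILITY_NAMED_IAM acknowledgement.
        "needs_capability_named_iam": bool(custom_named),
    }

# Constructed policy document and template (bucket name is a placeholder).
_DOC = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:Get*", "s3:List*"],
        "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
    }],
}
SAMPLE = {"Resources": {
    # The property from the question, which CloudFormation rejects.
    "IAMPolicy2": {"Type": "AWS::IAM::ManagedPolicy",
                   "Properties": {"PolicyName": "test2", "PolicyDocument": _DOC}},
    # Hypothetical corrected resource using the supported property.
    "IAMPolicy3": {"Type": "AWS::IAM::ManagedPolicy",
                   "Properties": {"ManagedPolicyName": "test2", "PolicyDocument": _DOC}},
}}

if __name__ == "__main__":
    print(json.dumps(check_managed_policies(SAMPLE), indent=2))
```

A fixed ManagedPolicyName must be unique in the account, and CloudFormation cannot apply an update that requires replacing a custom-named resource unless the name is changed as well.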

many_7days

Reputation: 11

To create a static name that does not append the stack name and stack random string, add this to your properties:

"ManagedPolicyName": "myManagedPolicyRocks"

Upvotes: 1

Bruno Rubin

Reputation: 356

Currently it is not possible to set a custom name for an IAM managed policy when creating it via CloudFormation. The same applies to IAM roles.

The name pattern will always be generated like this:

StackName-ResourceName-RandomString

Also, you can check the IAM Managed Policy Guide for the available properties.

Upvotes: 3
