Ihsan Haikal
Reputation: 1215
CloudFormation template to update the IAM Role's policy
Is it possible to create a CloudFormation template that takes the IAM role's ARN as the input and updates its policy assigned to it to add more privileges?I tried to work with the CloudFormation designer but it is very confusing and not straightforward,
Upvotes: 0
Views: 890
Answers (1)
WarrenG
Reputation: 1850
Yes, you can do this with a template such as this:
Description: Add policy to existing role
Parameters:
MyExistingRoleName:
Type: String
Description: Name of the Role you want to add a policy to
Resources:
MyNewPolicy:
Type: AWS::IAM::Policy
Properties:
PolicyName: "my-new-policy"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- "s3:ListAllMyBuckets"
Resource:
- "*"
Roles:
- !Ref MyExistingRoleName
Upvotes: 1
Related Questions
- cloudformation template to create IAM role with inline policy
- Create policy with CloudFormation
- CloudFormation template - Using existing IAM role in for Lambda functions
- AWS Cloudformation IAM Policy with Resource
- AWS CloudFormation - Attach existing managed policy to existing role through a template
- Using Existing Role in CloudFormation Template
- Create IAM role and attach a custom policy
- AWS Cloudformation template EC2 Role/Policy circular dependency
- Create IAM role only with managed cloudformation policy
- create AWS IAM Policy using cloudformation