Reputation: 13
I am trying to create a CloudFormation template for a custom-managed policy where whenever I run the template, it'll create the policy in the account I specified.
For example, I have 10 AWS accounts and I want to create a template in our main account where you just need to enter the accountID and the JSON and CloudFormation will create it for you. This is what I have so far (which doesn't work):
AWSTemplateFormatVersion: "2010-09-09"
Description: "This cloudformation template will create a managed policy in a particular account"
# Define Parameters
Type: String
Description: The name that will be applied to the custom policy.
Type: String
Description: Type a description for this policy. This can NOT be changed after initial assignment.
Type: Json
Description: Type permission for this policy in JSON format
Type: String
Description: Enter the account ID where you want to create this policy
# Define Resources
# ---------------------
# Define Policy Resource
# ---------------------
Type: "AWS::IAM::ManagedPolicy"
ManagedPolicyName: !Ref PolicyName
Description: !Ref PolicyDescription
Path: "/"
PolicyDocument: !RefPolicyJson
# Define Outputs:
Description: The name of the newly created managed policy
Value: !Ref PolicyName
I am following documentation in order to solve my problem.
We want that whenever someone runs the template, they are provided with input fields where they can write the policy name, description, the account where to create the policy, and the JSON of the permission. CloudFormation should then create it for them and return the policy ARN as output.
Upvotes: 1
Views: 751
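A pre-flight check for the four inputs the question describes, as an added example that is not part of the original post. It validates them against IAM's documented limits and flags an allow-everything statement before the values reach a stack. The function name and sample policies are constructed, and `AccountId` is a hypothetical parameter key because the question does not show that parameter's name.

```python
import json
import re

# Parameter keys follow the template's !Ref names; "AccountId" is a
# hypothetical key, since the question does not show that parameter's name.
NAME_RE = re.compile(r"[\w+=,.@-]{1,128}", re.ASCII)  # IAM policy-name charset
MAX_POLICY_CHARS = 6144  # managed-policy size limit, whitespace not counted

# Constructed sample inputs, not taken from the question.
SAMPLE_OK = '{"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]}'
SAMPLE_ADMIN = '{"Version": "2012-10-17", "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}}'


def _as_list(value):
    """IAM allows a single value or a list for Statement, Action, Resource."""
    return value if isinstance(value, list) else [value]


def check_inputs(name, description, policy_json, account_id):
    """Return (errors, stack_parameters); stack_parameters is None on error."""
    errors = []
    if not NAME_RE.fullmatch(name):
        errors.append("PolicyName: use 1-128 of A-Z a-z 0-9 _ + = , . @ -")
    if len(description) > 1000:
        errors.append("PolicyDescription: longer than 1000 characters")
    if not re.fullmatch(r"[0-9]{12}", account_id):
        errors.append("AccountId: must be exactly 12 digits")
    try:
        doc = json.loads(policy_json)
    except json.JSONDecodeError as exc:
        return errors + [f"PolicyJson: not valid JSON ({exc.msg})"], None
    if not isinstance(doc, dict) or "Statement" not in doc:
        return errors + ["PolicyJson: no Statement element"], None
    if len(re.sub(r"\s", "", policy_json)) > MAX_POLICY_CHARS:
        errors.append("PolicyJson: over 6144 non-whitespace characters")
    for i, stmt in enumerate(_as_list(doc["Statement"])):
        if not isinstance(stmt, dict) or stmt.get("Effect") != "Allow":
            continue
        if "*" in _as_list(stmt.get("Action")) and "*" in _as_list(stmt.get("Resource")):
            errors.append(f"PolicyJson: statement {i} allows all actions on all resources")
    if errors:
        return errors, None
    values = {"PolicyName": name, "PolicyDescription": description,
              "PolicyJson": json.dumps(doc, separators=(",", ":")),
              "AccountId": account_id}
    return [], [{"ParameterKey": k, "ParameterValue": v} for k, v in values.items()]
```

On success the second return value is a list of `ParameterKey`/`ParameterValue` pairs, the shape CloudFormation's stack-creation API takes for parameters.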