Attach more than one IAM inline policy from cloudformation to the same role

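I am checking whether we can attach more than one IAM policy in CloudFormation. I have attached one managed policy, and I am able to attach an inline policy, but I wanted to check whether I can attach more than one inline policy.

I want to attach to the same role:

1) Managed policy
2) Inline policy - 1
3) Inline policy - 2

Thanks, Nataraj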

This is entirely possible. The relevant fields would be ManagedPolicyArns and Policies.

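Resources:
  RootRole:
    Type: "AWS::IAM::Role"
    Properties:
      # Trust policy: who may assume the role (here, EC2 instances)
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: "Allow"
            Principal:
              Service:
                - "ec2.amazonaws.com"
            Action:
              - "sts:AssumeRole"
      Path: "/"
      # Managed policies are attached by ARN
      ManagedPolicyArns:
        - 'arn:aws:iam::ACCOUNT_ID:policy/myname/ManagedPolicy'
      # Inline policies: one list entry per policy, each with its own name
      Policies:
        # IAM policy names cannot contain spaces (allowed: alphanumerics and _+=,.@-)
        - PolicyName: "InlinePolicy1"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              # Placeholder: allows every action on every resource; scope before use
              - Effect: "Allow"
                Action: "*"
                Resource: "*"
        - PolicyName: "InlinePolicy2"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              # Placeholder: allows every action on every resource; scope before use
              - Effect: "Allow"
                Action: "*"
                Resource: "*"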

For more details/callouts, see the documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html