[WIP] Managing IAM with AWS CloudFormation

Posted at 2017-03-02

Policy

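ExamplePolicy:
  Type: AWS::IAM::ManagedPolicy
  Properties:
    PolicyDocument:
      # Quoted so YAML treats the version as a string, not a date
      Version: "2012-10-17"
      Statement:
        - Sid: Stmt01
          Effect: Allow
          Action:
            # s3:ListObject is not a valid IAM action; listing the
            # objects in a bucket is granted by s3:ListBucket
            - s3:ListBucket
          Resource:
            - "*"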

Group

ExampleGroup:
  Type: AWS::IAM::Group
  Properties:
    GroupName: !Sub ${AWS::StackName}-testing
    ManagedPolicyArns:
      - !Ref ExamplePolicy

User

ExampleUser:
  Type: AWS::IAM::User
  Properties:
    UserName: !Sub ${AWS::StackName}-testing
    Groups:
      - !Ref ExampleGroup

Role

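ExampleRole:
  Type: AWS::IAM::Role
  Properties:
    RoleName: !Sub ${AWS::StackName}-testing
    ManagedPolicyArns:
      # AdminAccessPolicyArn is not defined in these snippets; it is
      # assumed to be a template parameter holding a managed policy ARN
      - !Ref AdminAccessPolicyArn
    AssumeRolePolicyDocument:
      # Quoted so YAML treats the version as a string, not a date
      Version: "2012-10-17"
      Statement:
        - Effect: Allow
          Principal:
            Service:
              - ec2.amazonaws.com
          # Action is a sibling of Principal, not a child of it
          Action:
            - sts:AssumeRole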
