github.com/aws-cloudformation/cloudformation-cli-go-plugin@v1.2.0/examples/github-repo/resource-role.yaml

github.com/aws-cloudformation/cloudformation-cli-go-plugin@v1.2.0/examples/github-repo/resource-role.yaml (about)

     1  AWSTemplateFormatVersion: "2010-09-09"
     2  Description: >
     3    This CloudFormation template creates a role assumed by CloudFormation
     4    during CRUDL operations to mutate resources on behalf of the customer.
     5  
     6  Resources:
     7    ExecutionRole:
     8      Type: AWS::IAM::Role
     9      Properties:
    10        MaxSessionDuration: 8400
    11        AssumeRolePolicyDocument:
    12          Version: '2012-10-17'
    13          Statement:
    14            - Effect: Allow
    15              Principal:
    16                Service: resources.cloudformation.amazonaws.com
    17              Action: sts:AssumeRole
    18        Path: "/"
    19        Policies:
    20          - PolicyName: ResourceTypePolicy
    21            PolicyDocument:
    22              Version: '2012-10-17'
    23              Statement:
    24                - Effect: Deny
    25                  Action:
    26                  - "*"
    27                  Resource: "*"
    28  Outputs:
    29    ExecutionRoleArn:
    30      Value:
    31        Fn::GetAtt: ExecutionRole.Arn