Attach more than one IAM inline policy from cloudformation to the same role

I am checking to see if we could attach more than one IAM policy with CloudFormation. I am already attaching a Managed Policy and I am able to attach an inline policy, but wanted to check if I could attach more than one inline policy.

I would want to attach to the same role:

1) Managed Policy
2) Inline Policy - 1
3) Inline Policy - 2

Thanks Nataraj

Nataraj asked Aug 06 '18 14:08



1 Answer

This is completely possible. The relevant fields will be ManagedPolicyArns and Policies.

Resources: 
  RootRole: 
    Type: "AWS::IAM::Role"
    Properties: 
      # Trust policy: which principals may assume this role
      AssumeRolePolicyDocument: 
        Version: "2012-10-17"
        Statement: 
          - Effect: "Allow"
            Principal: 
              Service: 
                - "ec2.amazonaws.com"
            Action: 
              - "sts:AssumeRole"
      Path: "/"
      # One or more customer/AWS managed policies, referenced by ARN
      ManagedPolicyArns:
        - 'arn:aws:iam::ACCOUNT_ID:policy/myname/ManagedPolicy'
      # Any number of inline policies; each needs a unique PolicyName.
      # Inline policy names may not contain spaces (allowed: letters, digits, _+=,.@-).
      Policies: 
        - PolicyName: "InlinePolicy1"
          PolicyDocument: 
            Version: "2012-10-17"
            Statement: 
              - Effect: "Allow"
                Action: "*"
                Resource: "*"
        - PolicyName: "InlinePolicy2"
          PolicyDocument: 
            Version: "2012-10-17"
            Statement: 
              - Effect: "Allow"
                Action: "*"
                Resource: "*"

For more details/callouts check out the documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html

Cheruvian answered Sep 22 '22 14:09
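The answer above shows where managed and inline policies go in an AWS::IAM::Role; a practitioner usually also wants to check a template before deploying it, since an invalid PolicyName fails the stack and a wildcard inline policy grants far more than intended. The following is an added example, not code from the answer or from AWS: it parses a CloudFormation template in JSON form (CloudFormation accepts JSON as well as YAML) and, for every AWS::IAM::Role, counts the managed and inline policies, checks each inline PolicyName against IAM's allowed character set, flags duplicate names, and flags Allow statements with Action "*" on Resource "*". The template embedded below is a constructed sample mirroring the answer's role; the account id, bucket name and policy names in it are made up.

```python
import json
import re

# Constructed sample template (JSON form of the answer's YAML); account id,
# policy names and bucket are placeholders, not real resources.
SAMPLE_TEMPLATE = json.loads(r'''
{
  "Resources": {
    "RootRole": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [{"Effect": "Allow",
                         "Principal": {"Service": ["ec2.amazonaws.com"]},
                         "Action": ["sts:AssumeRole"]}]
        },
        "Path": "/",
        "ManagedPolicyArns": ["arn:aws:iam::123456789012:policy/myname/ManagedPolicy"],
        "Policies": [
          {"PolicyName": "Inline Policy 1",
           "PolicyDocument": {"Version": "2012-10-17",
                              "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}},
          {"PolicyName": "InlinePolicy2",
           "PolicyDocument": {"Version": "2012-10-17",
                              "Statement": [{"Effect": "Allow",
                                             "Action": ["s3:GetObject"],
                                             "Resource": "arn:aws:s3:::example-bucket/*"}]}}
        ]
      }
    }
  }
}
''')

# IAM inline policy names: alphanumerics plus _+=,.@- and no spaces.
POLICY_NAME_RE = re.compile(r"^[\w+=,.@-]+$")


def _as_list(value):
    """IAM allows a scalar or a list for Action/Resource/Statement; normalise to a list."""
    return value if isinstance(value, list) else [value]


def summarize(template):
    """Count managed and inline policies attached to each AWS::IAM::Role."""
    counts = {}
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") == "AWS::IAM::Role":
            props = res.get("Properties", {})
            counts[logical_id] = {
                "managed": len(props.get("ManagedPolicyArns", [])),
                "inline": len(props.get("Policies", [])),
            }
    return counts


def audit_roles(template):
    """Return a list of (logical_id, finding) for problems in inline policies."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::IAM::Role":
            continue
        seen = set()
        for pol in res.get("Properties", {}).get("Policies", []):
            name = pol.get("PolicyName", "")
            # A name built with an intrinsic function (e.g. Fn::Sub) is a dict; only
            # literal strings can be validated statically.
            if isinstance(name, str):
                if not POLICY_NAME_RE.match(name):
                    findings.append((logical_id, f"invalid PolicyName {name!r}: spaces or other characters not allowed"))
                if name in seen:
                    findings.append((logical_id, f"duplicate PolicyName {name!r}"))
                seen.add(name)
            for st in _as_list(pol.get("PolicyDocument", {}).get("Statement", [])):
                if (st.get("Effect") == "Allow"
                        and "*" in _as_list(st.get("Action", []))
                        and "*" in _as_list(st.get("Resource", []))):
                    findings.append((logical_id, f"inline policy {name!r} allows Action '*' on Resource '*'"))
    return findings


if __name__ == "__main__":
    print(summarize(SAMPLE_TEMPLATE))
    for logical_id, finding in audit_roles(SAMPLE_TEMPLATE):
        print(f"{logical_id}: {finding}")
```

Run against the sample, it reports one managed and two inline policies on RootRole and two findings, both for the first inline policy: its name contains spaces, and it grants Action "*" on Resource "*". The check deliberately reads only the template, so it can run in CI before any stack is created.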