Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to attach a managed policy to a an IAM role using the CDK

I'm try to create a service role for AWS CodeBuild.

I can create a role like this:

from aws_cdk import aws_iam as iam

role = iam.Role(
    self, 'CodebuildServiceRole',
    assumed_by=iam.ServicePrincipal('codebuild.amazonaws.com'),
    max_session_duration=cdk.Duration.hours(1),
)

Now I need to attach the Amazon-provided AWSCodeBuildAdminAccess policy to the role. How can I do this using the CDK?


1 Answers

The accepted answer didn't work for me.

According to AWS, some policies have prefixes which needs to be included in the policy name supplied to the from_aws_managed_policy_name function. Here is the code that worked for me in JavaScript.

iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaBasicExecutionRole')

service-role/ is the prefix in this case.

like image 98
Suresh Avatar answered Oct 25 '25 17:10

Suresh



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!