Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- "AppTierS3AccessRole": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Effect": "Allow",
- "Principal": {
- "Service": [ "ec2.amazonaws.com" ]
- },
- "Action": [ "sts:AssumeRole" ]
- }
- ]
- },
- "Path": "/",
- "Policies": [ { "Ref": "existing-policy" } ]
- }
- },
- ecrRole:
- Type: AWS::IAM::Role
- Properties:
- Path: "/"
- ManagedPolicyArns:
- - "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
- AssumeRolePolicyDocument:
- Version: '2012-10-17'
- Statement:
- - Effect: Allow
- Principal:
- Service:
- - ec2.amazonaws.com
- Action:
- - sts:AssumeRole
- "ManagedPolicy": {
- "Type": "AWS::IAM::ManagedPolicy",
- "Properties": {
- "Description": "something descriptive",
- "Groups": [ ... ref(s) for groups ... ],
- "Roles: [{"Ref":"AppTierS3AccessRole"}],
- "Users": [ ... ref(s) for users ... ],
- "PolicyDocument": {
- "Version": "2012-10-17",
- "Statement": [
- ...
- ]
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement