Topic Resolution: Resolved
Can CloudFormation apply an inline policy to an IAM role (not managed policy)?

I would like to create an inline policy for an IAM role that already exists. The policy will only be used for this specific IAM role, so we prefer not to create a managed IAM policy. Can this be done with CloudFormation?

1 Answer

    #481

    Yes, CloudFormation supports creating both managed and inline IAM policies and attaching them to already existing IAM roles, users or groups.

    You can use the AWS::IAM::Policy resource (defined here: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html) and specify the IAM role name in the resource properties. (Make sure you use this resource as opposed to AWS::IAM::ManagedPolicy.)

    Hope this helps!
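
A template along the lines the answer describes, as an added example that is not part of the original post. The parameter names, the policy name and the S3 bucket it grants read access to are assumptions chosen for illustration; the statements are scoped to a single bucket so the inline policy grants only what this one role needs.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Attach an inline policy to an IAM role that already exists (added example).

Parameters:
  ExistingRoleName:
    Type: String
    Description: Name (not ARN) of the IAM role that already exists in this account.
  BucketName:
    Type: String
    Description: Hypothetical S3 bucket the role should be allowed to read.

Resources:
  RoleInlinePolicy:
    # AWS::IAM::Policy creates an inline policy embedded in the listed
    # principals. AWS::IAM::ManagedPolicy would create a standalone,
    # reusable policy instead.
    Type: AWS::IAM::Policy
    Properties:
      PolicyName: example-read-bucket   # constructed name
      Roles:
        - !Ref ExistingRoleName         # the role is referenced, not created, by this stack
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: ListBucket
            Effect: Allow
            Action: s3:ListBucket
            Resource: !Sub arn:${AWS::Partition}:s3:::${BucketName}
          - Sid: ReadObjects
            Effect: Allow
            Action: s3:GetObject
            Resource: !Sub arn:${AWS::Partition}:s3:::${BucketName}/*
```

Because the template contains an IAM resource, the stack must be created with the `CAPABILITY_IAM` acknowledgement. Deleting the stack removes the inline policy from the role and leaves the role itself in place.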
