Can CloudFormation apply an inline policy to an IAM role (not managed policy)?

Topic Resolution: Resolved

I would like to create an inline policy for an IAM role that already exists. The policy will only be used for this specific IAM role, so we prefer not to create a managed IAM policy, can this be done with Cloudformation?

This topic has 1 reply, 2 voices, and was last updated 2 years, 1 month ago.

IAM

1 Answers

October 20, 2021 at 8:05 pm #480

Up
0
Down

I would like to create an inline policy for an IAM role that already exists. The policy will only be used for this specific IAM role, so we prefer not to create a managed IAM policy, can this be done with Cloudformation?

the_aok

October 20, 2021 at 10:44 pm #481

Up
1
Down

Yes, CloudFormation supports creating both managed and inline IAM policies and attaching them to already existing IAM roles, users or groups.

You can use the AWS::IAM::Policy resource (defined here https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html) and specify the IAM role name in the resource properties (Make sure you use this resource as opposed to AWS::IAM:ManagedPolicy).

Hope this helps!

abdulk
Author

Posts

Viewing 2 posts - 1 through 2 (of 2 total)

Save

You must be logged in to reply to this topic.