AWS::IAM::Role Policy
Contains information about an attached policy.
An attached policy is a managed policy that has been attached to a user, group, or role.
For more information about managed policies, refer to Managed Policies and Inline Policies in the IAM User Guide.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{
  "PolicyDocument" : Json,
  "PolicyName" : String
}
YAML
PolicyDocument: Json
PolicyName: String
Properties
PolicyDocument
The entire contents of the policy that defines permissions. For more information, see Overview of JSON policies.
Required: Yes
Type: Json
Update requires: No interruption
PolicyName
The friendly name (not ARN) identifying the policy.
Required: Yes
Type: String
Pattern: [\w+=,.@-]+
Minimum: 1
Maximum: 128
Update requires: No interruption
Examples
IAM Role Policy
This example shows how the policy document is declared.
JSON
{
  "PolicyName": "root",
  "PolicyDocument": {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Sid": "IamListAccess",
        "Effect": "Allow",
        "Action": [
          "iam:ListRoles",
          "iam:ListUsers"
        ],
        "Resource": "*"
      }
    ]
  }
}
YAML
PolicyName: root
PolicyDocument:
  Version: 2012-10-17
  Statement:
    - Sid: IamListAccess
      Effect: Allow
      Action:
        - 'iam:ListRoles'
        - 'iam:ListUsers'
      Resource: '*'
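Pre-deployment check

The following is an added example, not part of the original page and not AWS code. It checks one Policy entry against the Required, Type, Pattern, Minimum and Maximum constraints listed under Properties before a template is submitted. It assumes literal values (no intrinsic functions) and reads \w as ASCII-only; validate_role_policy, PAGE_EXAMPLE and CONSTRUCTED_BAD are hypothetical names, and the Statement check is taken from the structure of the example policy rather than from a constraint listed on this page.

```python
import re

# Constraints copied from the PolicyName property described on this page.
NAME_PATTERN = re.compile(r"[\w+=,.@-]+", re.ASCII)  # assumption: \w read as ASCII-only
NAME_MIN, NAME_MAX = 1, 128

def validate_role_policy(entry):
    """Return a list of problems in one Policy entry; an empty list means it passes."""
    problems = [f"{key} is required"
                for key in ("PolicyName", "PolicyDocument") if key not in entry]

    if "PolicyName" in entry:
        name = entry["PolicyName"]
        if not isinstance(name, str):
            problems.append("PolicyName must be a String")
        elif not NAME_MIN <= len(name) <= NAME_MAX:
            problems.append(f"PolicyName length {len(name)} is outside 1-128")
        elif name.startswith("arn:"):
            problems.append("PolicyName must be the friendly name, not an ARN")
        elif not NAME_PATTERN.fullmatch(name):
            problems.append("PolicyName has characters outside [\\w+=,.@-]")

    if "PolicyDocument" in entry:
        doc = entry["PolicyDocument"]
        if not isinstance(doc, dict):
            # Type is Json: expect an object, not a policy serialized into a string.
            problems.append("PolicyDocument must be a JSON object")
        elif "Statement" not in doc:
            problems.append("PolicyDocument has no Statement element")
    return problems

# The example entry from this page, followed by constructed failing inputs.
PAGE_EXAMPLE = {
    "PolicyName": "root",
    "PolicyDocument": {
        "Version": "2012-10-17",
        "Statement": [{"Sid": "IamListAccess", "Effect": "Allow",
                       "Action": ["iam:ListRoles", "iam:ListUsers"], "Resource": "*"}],
    },
}
CONSTRUCTED_BAD = [
    {"PolicyName": "arn:aws:iam::123456789012:policy/root", "PolicyDocument": {}},
    {"PolicyName": "list access", "PolicyDocument": "{\"Version\": \"2012-10-17\"}"},
    {"PolicyName": "x" * 129},
]

if __name__ == "__main__":
    for entry in [PAGE_EXAMPLE, *CONSTRUCTED_BAD]:
        print(validate_role_policy(entry) or "ok")
```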
See also
PolicyDetail in the Amazon Identity and Access Management API Reference