如何将默认策略应用于 AWS 中的 cloudformation 或 terraform？

Question

使用管理策略参数属性。以下是使用 CloudFormation 执行此操作的方法

DmsCloudwatchServiceRole:
    Type: AWS::IAM::Role
    Properties:
        RoleName: dms-cloudwatch-logs-role
        Description: "Role to allow DMS to write to Cloudwatch Logs. Role name must not be changed as DMS requires this exact role name."
        AssumeRolePolicyDocument:
            Version: 2012-10-17
            Statement:
                -
                    Effect: Allow
                    Principal:
                        Service:
                            - dms.amazonaws.com
                    Action:
                        - sts:AssumeRole
        Path: /
        ManagedPolicyArns:
         - arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole

我不能 100% 确定这是你问的问题，这个问题有点不精确。

Answer 1

使用管理策略参数属性。以下是使用 CloudFormation 执行此操作的方法

DmsCloudwatchServiceRole:
    Type: AWS::IAM::Role
    Properties:
        RoleName: dms-cloudwatch-logs-role
        Description: "Role to allow DMS to write to Cloudwatch Logs. Role name must not be changed as DMS requires this exact role name."
        AssumeRolePolicyDocument:
            Version: 2012-10-17
            Statement:
                -
                    Effect: Allow
                    Principal:
                        Service:
                            - dms.amazonaws.com
                    Action:
                        - sts:AssumeRole
        Path: /
        ManagedPolicyArns:
         - arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole

我不能 100% 确定这是你问的问题，这个问题有点不精确。

如何将默认策略应用于 AWS 中的 cloudformation 或 terraform？

答案1

相关内容