CloudFormation IAM Role -- AssumeRolePolicyDocument

amazon-web-services amazon-cloudformation amazon-iam amazon-policy
12,193

You can specify an AWS IAM user using the AWS key instead of Service as the Principal for a role policy document, including an AssumeRolePolicyDocument:

"Principal": { "AWS": "arn:aws:iam::AWS-account-ID:user/user-name" }

Refer to the Specifying a Principal section of the IAM Policy Elements Reference for full details.

Share:
12,193
Sam S.
Author by

Sam S.

Updated on June 07, 2022

Comments

  • Sam S.
    Sam S. almost 2 years

    So I'm constructing a cf stack for a role in AWS and I don't know how to go about the AssumeRolePolicyDocument field when designing a role that is not resource-based.

    All the examples I've tried to look up each have a specific AWS resource designated under the "Principal" field (e.g. "Service": "ec2.amazonaws.com").

    What's the correct way to go about the AssumeRolePolicyDocument field for roles that are designed for users, not resources?

    • wjordan
      wjordan about 7 years
      Could you provide more context on the problem you're trying to solve, for example, what sort of use-case are you designing the role for?
    • Sam S.
      Sam S. about 7 years
      This is just for a dev role for a specific engineering division. You answered the question perfectly below! Thanks.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Attach policy to a IAM Role
AWS Cloudformation: Invalid template resource property error
AWS CodePipeline error: Cross-account pass role is not allowed
AWS IAM Cloudformation YAML template errror: 'null' values are not allowed
CloudFormation is not authorized to perform: iam:PassRole on resource
AWS CloudFormation Stack update error: Requires capabilities : [CAPABILITY_IAM]
User is not authorized to perform: cloudformation:CreateStack
Enable logging S3 via cloudFormation template?
When do I need to have CAPABILITY_NAMED_IAM
AWS cloudformation: One big template file or many small ones?