· 5 years ago · Sep 01, 2020, 09:08 AM
1AWSTemplateFormatVersion: "2010-09-09"
2Description: A sample template
3Resources:
4 ProgrammaticAccessUser:
5 Type: AWS::IAM::User
6 Properties:
7 ManagedPolicyArns:
8 - arn:aws:iam::aws:policy/AdministratorAccess
9 UserName: 'tbublik'
10
11 ProgrammaticAccessUserKeys:
12 Type: AWS::IAM::AccessKey
13 Properties:
14 UserName: !Ref ProgrammaticAccessUser
15
16 EC2Role:
17 Type: AWS::IAM::Role
18 Properties:
19 AssumeRolePolicyDocument:
20 Version: "2012-10-17"
21 Statement:
22 -
23 Effect: "Allow"
24 Principal:
25 Service:
26 - "ec2.amazonaws.com"
27 Action:
28 - "sts:AssumeRole"
29 RoleName: 'EC2Role'
30 ManagedPolicyArns:
31 - arn:aws:iam::aws:policy/AmazonS3FullAccess
32
33 EC2InstanceProfile:
34 Type: AWS::IAM::InstanceProfile
35 Properties:
36 InstanceProfileName: 'EC2InstanceProfile'
37 Roles:
38 - !Ref EC2Role
39
40Outputs:
41 SecretKey:
42 Description: My Amazon programmatic secret key
43 Value: !GetAtt ProgrammaticAccessUserKeys.SecretAccessKey
44 Export:
45 Name: secretKey
46
47 EC2InstanceProfile:
48 Description: EC2 Instance Profile Name
49 Value: !Ref EC2InstanceProfile
50 Export:
51 Name: ec2ProfileName