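How can I attach multiple managed policies to an AWS role using CloudFormation?

Time: 2017-08-24 19:57:11

Tags: amazon-web-services amazon-cloudformation

I have the following CloudFormation script, and I want to add two managed policies to the role.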

---
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Bringing up the whole stack
Resources:
# IAM role
   PublishingActionExecutionRole:
     Type: AWS::IAM::Role
     Properties:
      ManagedPolicyArns:
      - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      - arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
        - Action:
         - sts:AssumeRole
        Effect: Allow
        Principal:
          Service:
          - lambda.amazonaws.com

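However, when I run this script, it only adds the first policy and not the second.

Does anyone know the trick?

1 answer:

Answer 0: (score: 0)

This template seems to work: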

AWSTemplateFormatVersion: "2010-09-09"
Resources: 
  PublishingActionExecutionRole: 
    Type: "AWS::IAM::Role"
    Properties: 
      AssumeRolePolicyDocument: 
        Version: "2012-10-17"
        Statement: 
          - 
            Effect: "Allow"
            Principal: 
              Service: 
                - "lambda.amazonaws.com"
            Action: 
              - "sts:AssumeRole"
      ManagedPolicyArns:
      - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      - arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess
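
A structural check for roles like the one in this thread, as an added example that is not part of the original question or answer: it flags trust-policy keys that ended up beside `Statement` instead of inside a statement, and duplicate managed policy ARNs. The function name `lint_roles`, the message texts and the sample `GOOD` are constructed here; the template is assumed to be already parsed into a dict.

```python
# Constructed sample: the answer's role as a parsed template (the dict that
# json.load would return for the same template written in JSON syntax).
GOOD = {"Resources": {"PublishingActionExecutionRole": {
    "Type": "AWS::IAM::Role",
    "Properties": {
        "AssumeRolePolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [{
                "Effect": "Allow",
                "Principal": {"Service": ["lambda.amazonaws.com"]},
                "Action": ["sts:AssumeRole"],
            }],
        },
        "ManagedPolicyArns": [
            "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
            "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess",
        ],
    },
}}}

STATEMENT_KEYS = ("Effect", "Principal", "Action")


def lint_roles(template):
    """Return {logical id: [problems]} for each AWS::IAM::Role resource."""
    report = {}
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::IAM::Role":
            continue
        props, problems = res.get("Properties", {}), []
        arns = props.get("ManagedPolicyArns", [])
        if not isinstance(arns, list):
            problems.append("ManagedPolicyArns is not a list")
        else:
            # Only literal ARNs are compared; Ref/Fn::Sub entries are dicts.
            literal = [a for a in arns if isinstance(a, str)]
            problems += [f"duplicate ARN {a}"
                         for a in sorted(set(literal)) if literal.count(a) > 1]
        doc = props.get("AssumeRolePolicyDocument", {})
        # Keys that belong inside a statement but sit beside "Statement".
        problems += [f"{k} is outside Statement" for k in STATEMENT_KEYS if k in doc]
        stmts = doc.get("Statement", [])
        for i, st in enumerate(stmts if isinstance(stmts, list) else [stmts]):
            problems += [f"Statement[{i}] lacks {k}" for k in STATEMENT_KEYS if k not in st]
        report[name] = problems
    return report


if __name__ == "__main__":
    print(lint_roles(GOOD))
```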