Amazon Web Services Bootcamp
上QQ阅读APP看书,第一时间看更新
上一章目录下一章

AWS CloudFormation

AWS CloudFormation provides an efficient way to create and manage AWS resources. We define the AWS resources in the template file, which can be either in JSON or YAML format. We will be covering CloudFormation examples in JSON format. We can add multiple AWS resources in a single template and refer to it as stack. We can create CloudFormation stack using the AWS Management Console, CLI, or SDK.

To create a customer-managed policy, we need to use the AWS::IAM::ManagedPolicy type as follows:

"AmazonS3FullAccess": {
   "Type": "AWS::IAM::ManagedPolicy",
   "Properties": {
     "ManagedPolicyName": "AmazonS3FullAccess",
     "Description": "S3 Full Access On my-bucket",
     "Path": "/",
     "PolicyDocument": {
       "Version": "2012-10-17",
       "Statement": [{
         "Effect": "Allow",
         "Action": [
           "s3:*"
         ],
         "Resource": "arn:aws:s3:::my-bucket"
       }]
     }
   }
 }

This will create a managed policy.

上一章目录下一章