탐색 도움말
로그인
LiuFan
/
PrivacyScanData
1
0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
트리: d0fdd49032
브랜치 태그
PrivacyScanD...
/
S3
/
NewFind
/
amazon-s3-find-and-forget-master
/
templates
/
role.yaml

role.yaml 884 B
히스토리 Raw

123456789101112131415161718192021222324252627282930313233 
  1. AWSTemplateFormatVersion: "2010-09-09"
    2. 

  2. Description: Amazon S3 Find and Forget Data Access IAM Role (uksb-1qjminsba)
    3. 

  3. 

  4. Parameters:
    5. 

  5.   SourceAccountId:
    6. 

  6.     Type: String
    7. 

  7.     Description: The ID of the AWS account in which the S3F2 solution is deployed
    8. 

  8.     AllowedPattern: "^[0-9]{12}$"
    9. 

  9. 

  10. Resources:
    11. 

  11.   Role:
    12. 

  12.     Type: "AWS::IAM::Role"
    13. 

  13.     Properties:
    14. 

  14.       RoleName: S3F2DataAccessRole
    15. 

  15.       AssumeRolePolicyDocument:
    16. 

  16.         Version: "2012-10-17"
    17. 

  17.         Statement:
    18. 

  18.         - Effect: "Allow"
    19. 

  19.           Principal:
    20. 

  20.             AWS:
    21. 

  21.             - !Sub "arn:${AWS::Partition}:iam::${SourceAccountId}:root"
    22. 

  22.           Action: "sts:AssumeRole"
    23. 

  23.         - Effect: "Allow"
    24. 

  24.           Principal:
    25. 

  25.             AWS:
    26. 

  26.             - !Sub "arn:${AWS::Partition}:iam::${SourceAccountId}:root"
    27. 

  27.           Action: "sts:TagSession"
    28. 

  28. 

  29. Outputs:
    30. 

  30.   RoleArn:
    31. 

  31.     Value: !GetAtt Role.Arn
    32. 

  32.   RoleName:
    33. 

  33.     Value: !Ref Role
    34.