hi I would like to create an IAM role that a Allows AssumeRo

Question

hi I would like to create an IAM role that a Allows AssumeRole b Has several Customer managed policies attached c Has several AWS managed policies attached What would the python pulumi format of such a role be

stocky-restaurant-98004 · Answer

First create the `aws iam Role` resource which requires the assume role policy For your custom policies create `aws iam Policy` and `aws iam RolePolicyAttachment` resources For AWS managed policies grab the ARN the console is one place to get them and just create `aws iam RolePolicyAttachment` resources and just set the policy ARN to the AWS managed policy

brash-restaurant-84207 · Answer

I have created the custom policies already in the actual code of the aws iam Role however do I reference the custom and aws managed policies in order to attach them or is that a separate process

stocky-restaurant-98004 · Answer

Attach your policies using `aws iam RolePolicyAttachment`

stocky-restaurant-98004 · Answer

One attachment per role policy ARN combo You can do these in a loop for the AWS policies at least

brash-restaurant-84207 · Answer

great thanks I was able to create the role and attach all relevant policies was a little stuck when it comes to assigning that role to an ec2 instance though

stocky-restaurant-98004 · Answer

Still stuck or are you all good now

brash-restaurant-84207 · Answer

Haven t progressed since