This repository has been archived by the owner on Aug 12, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathaws-elasticbeanstalk-roles.json
105 lines (105 loc) · 3.4 KB
/
aws-elasticbeanstalk-roles.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"elasticBeanStalkAppRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
},
"RoleName": {
"Fn::Join": [
"-",
[
{
"Ref": "AWS::Region"
},
"elasticBeanStalkApp",
"role"
]
]
},
"ManagedPolicyArns": [
"arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier"
]
}
},
"elasticBeanStalkServiceRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "elasticbeanstalk.amazonaws.com"
},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"sts:ExternalId": "elasticbeanstalk"
}
}
}
]
},
"RoleName": {
"Fn::Join": [
"-",
[
{
"Ref": "AWS::Region"
},
"elasticBeanStalkService",
"role"
]
]
},
"ManagedPolicyArns": [
"arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService",
"arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth"
]
}
}
},
"Outputs": {
"rolestackName": {
"Value": {
"Ref": "AWS::StackName"
},
"Export": {
"Name": "elasticbeanstalk-rolestackName"
}
},
"elasticBeanStalkWebServerRole": {
"Value": {
"Ref": "elasticBeanStalkAppRole"
},
"Export": {
"Name": {
"Fn::Sub": "${AWS::StackName}-elasticBeanStalkWebServerRole"
}
}
},
"elasticBeanStalkServiceRole": {
"Value": {
"Ref": "elasticBeanStalkServiceRole"
},
"Export": {
"Name": {
"Fn::Sub": "${AWS::StackName}-elasticBeanStalkServiceRole"
}
}
}
}
}