IAMAddStatementToRolePolicy
Description
Adds an IAM statement to an existing IAM role resource. This pattern is useful when you want to merge Coreograph’s auto-generated least-privilege IAM policies from multiple Coreograph function resources. For example, a Lambda function that calls the ECS RunTask API to run an ECS task definition must have the iam:PassRole permission so that the same set of permissions granted to the running ECS task definition (i.e. task role and task execution role) is passed to the Lambda function.
Resources
This pattern extends the CloudFormation specification of existing resources. There is no CloudFormation resource created by this pattern.
Input
IAMRole
Logical ID of the AWS::IAM::Role resource to which the specified IAM policy statement is added.
IAMStatement
Valid CloudFormation syntax for IAM policy statement. See IAM JSON policy elements: Statement for more information.
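As an added illustration (not Coreograph's own code), the Python below models what the two inputs do: it merges an IAMStatement into the AWS::IAM::Role named by IAMRole in a CloudFormation template held as a dict, using the iam:PassRole case from the description. The logical IDs, the policy names, the function name and the wildcard guard are assumptions made for this example.

```python
import copy

# Constructed template fragment; every logical ID and policy name is an assumption.
TEMPLATE = {"Resources": {
    "RunTaskFunctionRole": {
        "Type": "AWS::IAM::Role",
        "Properties": {"Policies": [{
            "PolicyName": "Generated",
            "PolicyDocument": {"Version": "2012-10-17", "Statement": [
                {"Effect": "Allow", "Action": "ecs:RunTask",
                 "Resource": {"Ref": "TaskDefinition"}}]},
        }]},
    },
}}

# IAMStatement input: pass only the two task roles, and only to ECS tasks.
PASS_ROLE = {
    "Effect": "Allow",
    "Action": "iam:PassRole",
    "Resource": [{"Fn::GetAtt": ["TaskRole", "Arn"]},
                 {"Fn::GetAtt": ["TaskExecutionRole", "Arn"]}],
    "Condition": {"StringEquals": {"iam:PassedToService": "ecs-tasks.amazonaws.com"}},
}

def add_statement_to_role(template, iam_role, iam_statement, policy_name="AddedStatements"):
    """Return a copy of template with iam_statement merged into the role's inline policies."""
    out = copy.deepcopy(template)
    role = out.get("Resources", {}).get(iam_role)
    if role is None or role.get("Type") != "AWS::IAM::Role":
        raise ValueError(f"{iam_role} is not an AWS::IAM::Role resource")
    actions = iam_statement.get("Action", [])
    actions = [actions] if isinstance(actions, str) else actions
    # Added guard (not part of the pattern): refuse a wildcard iam:PassRole grant.
    if "iam:PassRole" in actions and iam_statement.get("Resource") in ("*", ["*"]):
        raise ValueError("iam:PassRole must name specific role ARNs, not '*'")
    policies = role.setdefault("Properties", {}).setdefault("Policies", [])
    policy = next((p for p in policies if p.get("PolicyName") == policy_name), None)
    if policy is None:
        policy = {"PolicyName": policy_name,
                  "PolicyDocument": {"Version": "2012-10-17", "Statement": []}}
        policies.append(policy)
    statements = policy["PolicyDocument"]["Statement"]
    if iam_statement not in statements:  # merging the same statement twice is a no-op
        statements.append(copy.deepcopy(iam_statement))
    return out
```

No new resource is added to the template: only the existing role's Properties change, which matches the Resources section above.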