IAM users Cloud Formation Template - Kahuna915/Capstone-Cloud-Integration GitHub Wiki

Using CloudFormation to create a new IAM user account

Example Syntax in YAML

Type: AWS::IAM::User
Properties: 
  Groups: 
    - String
  LoginProfile: 
    LoginProfile
  ManagedPolicyArns: 
    - String
  Path: String
  PermissionsBoundary: String
  Policies: 
    - Policy
  Tags: 
    - Tag
  UserName: String

Example Syntax in JSON

{
  "Type" : "AWS::IAM::User",
  "Properties" : {
      "Groups" : [ String, ... ],
      "LoginProfile" : LoginProfile,
      "ManagedPolicyArns" : [ String, ... ],
      "Path" : String,
      "PermissionsBoundary" : String,
      "Policies" : [ Policy, ... ],
      "Tags" : [ Tag, ... ],
      "UserName" : String
    }
}

Based on the YAML syntax above, this CloudFormation template creates a group and a new user that belongs to it:

---
AWSTemplateFormatVersion: 2010-09-09
Resources:
  CloudClassGroup:
    Type: 'AWS::IAM::Group'
    Properties:
      GroupName: CloudClass
  CloudClassUser1:
    Type: 'AWS::IAM::User'
    Properties:
      UserName: CloudClassUser1
      Groups:
        - !Ref CloudClassGroup
Outputs:
  CloudClassUser1Arn:
    Value: !GetAtt CloudClassUser1.Arn
    Description: The ARN of the CloudClassUser1 IAM user.

Breakdown

CloudClassGroup: This defines the group that the user will be added to.
- !Ref CloudClassGroup references the CloudClassGroup resource defined above. For an AWS::IAM::Group resource, Ref returns the group name, and that name is what adds the user to that specific group.
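
The following is an added example, not part of the original wiki or of AWS's documentation. It extends the template above with the LoginProfile, PermissionsBoundary, Path and Tags properties from the syntax listing. The parameter names, the /cloudclass/ path, the tag and the choice of managed policies are assumptions, and the boundary policy is assumed to exist already.

```yaml
---
AWSTemplateFormatVersion: 2010-09-09
Description: Added example - CloudClass user with console access (constructed, not from the wiki).
Parameters:
  InitialPassword:            # hypothetical parameter name
    Type: String
    NoEcho: true              # masks the value in console, CLI and API output
    MinLength: 14
    Description: One-time console password supplied at deploy time.
  BoundaryPolicyArn:          # hypothetical parameter name
    Type: String
    Description: ARN of an existing managed policy used as the permissions boundary.
Resources:
  CloudClassGroup:
    Type: 'AWS::IAM::Group'
    Properties:
      GroupName: CloudClass
      # Permissions are granted to the group, not to individual users.
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/ReadOnlyAccess'          # assumed baseline access
        - 'arn:aws:iam::aws:policy/IAMUserChangePassword'   # lets users complete the forced reset
  CloudClassUser1:
    Type: 'AWS::IAM::User'
    Properties:
      UserName: CloudClassUser1
      Path: /cloudclass/
      Groups:
        - !Ref CloudClassGroup
      LoginProfile:
        Password: !Ref InitialPassword   # never a literal in the template
        PasswordResetRequired: true      # user must pick a new password at first sign-in
      # Caps what any policy later attached to this user can allow.
      PermissionsBoundary: !Ref BoundaryPolicyArn
      Tags:
        - Key: Course
          Value: CloudClass
Outputs:
  CloudClassUser1Arn:
    Value: !GetAtt CloudClassUser1.Arn
    Description: The ARN of the CloudClassUser1 IAM user.
```

Because this template, like the one above, gives its IAM resources custom names, the stack can only be created when the CAPABILITY_NAMED_IAM capability is acknowledged.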

Reference

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html