IAM Template - TannerWeinacker/Capstone GitHub Wiki

---
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  IAMUser:
    Type: AWS::IAM::User
    Properties:
      # !Sub substitutes the name of the stack being created into the string, which makes the username unique.
      UserName: !Sub '${AWS::StackName}-user'
      Policies:
        - PolicyName: !Sub '${AWS::StackName}-user-policy'
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - 'iam:CreateAccessKey'
                  - 'iam:ListAccessKeys'
                  - 'iam:GetUser'
                # The account ID will be defined by the organization member running this template.
                Resource: '*'
              - Effect: Allow
                Action:
                  - 'iam:GetLoginProfile'
                  - 'iam:ListMFADevices'
                  - 'iam:ListSSHPublicKeys'
                  - 'iam:ListAttachedUserPolicies'
                  - 'iam:ListGroups'
                Resource: '*'
      Tags:
        - Key: Name
          Value: !Sub '${AWS::StackName}-user'
  IAMAccessKey:
    Type: AWS::IAM::AccessKey
    # DependsOn is an attribute that specifies dependencies between resources in a template. Here it refers back to the IAMUser defined above.
    DependsOn: IAMUser
    Properties:
      UserName: !Ref IAMUser
Outputs:
  IAMUserAccessKeyId:
    Description: The access key ID for the IAM user
    Value: !Ref IAMAccessKey
    Export:
      Name: !Sub '${AWS::StackName}-user-access-key-id'
  IAMUserSecretAccessKey:
    Description: The secret access key for the IAM user
    Value: !GetAtt IAMAccessKey.SecretAccessKey
    Export:
      Name: !Sub '${AWS::StackName}-user-secret-access-key'

Some of these values, such as user-secret-access-key and other resources, will still need to be defined.
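
A tightened variant of the template above, added here as an example and not part of the original wiki: it scopes the key-management statement to the stack's own user and keeps the key pair in Secrets Manager, because values placed in `Outputs` are readable by anyone who can describe the stack. The `IAMUserCredentials` resource, the secret name and the output/export names are assumptions introduced for illustration.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  IAMUser:
    Type: AWS::IAM::User
    Properties:
      UserName: !Sub '${AWS::StackName}-user'
      Policies:
        - PolicyName: !Sub '${AWS::StackName}-user-policy'
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - 'iam:CreateAccessKey'
                  - 'iam:ListAccessKeys'
                  - 'iam:GetUser'
                # Scoped to this stack's own user instead of '*'
                Resource: !Sub 'arn:${AWS::Partition}:iam::${AWS::AccountId}:user/${AWS::StackName}-user'
              # Read-only statement kept exactly as in the original template
              - Effect: Allow
                Action:
                  - 'iam:GetLoginProfile'
                  - 'iam:ListMFADevices'
                  - 'iam:ListSSHPublicKeys'
                  - 'iam:ListAttachedUserPolicies'
                  - 'iam:ListGroups'
                Resource: '*'
      Tags:
        - Key: Name
          Value: !Sub '${AWS::StackName}-user'
  IAMAccessKey:
    Type: AWS::IAM::AccessKey
    Properties:
      UserName: !Ref IAMUser
  # Assumed resource (not in the original): holds the key pair so it never appears in Outputs
  IAMUserCredentials:
    Type: AWS::SecretsManager::Secret
    Properties:
      Name: !Sub '${AWS::StackName}-user-credentials'
      SecretString: !Sub '{"AccessKeyId":"${IAMAccessKey}","SecretAccessKey":"${IAMAccessKey.SecretAccessKey}"}'
Outputs:
  # Only the secret's ARN is exported; reading the value requires secretsmanager:GetSecretValue
  IAMUserCredentialsSecretArn:
    Description: ARN of the Secrets Manager secret holding the IAM user's access key pair
    Value: !Ref IAMUserCredentials
    Export:
      Name: !Sub '${AWS::StackName}-user-credentials-arn'
```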