Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
56 lines (55 sloc) 2.22 KB
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Configure the AWS-SystemsManager-AutomationAdministrationRole to enable use of AWS Systems Manager Cross Account/Region Automation execution.",
"Resources": {
"MasterAccountRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"RoleName": "AWS-SystemsManager-AutomationAdministrationRole",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ssm.amazonaws.com"
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/",
"Policies": [
{
"PolicyName": "AssumeRole-AWSSystemsManagerAutomationExecutionRole",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"sts:AssumeRole"
],
"Resource": {
"Fn::Sub": "arn:${AWS::Partition}:iam::*:role/AWS-SystemsManager-AutomationExecutionRole"
}
},
{
"Effect": "Allow",
"Action": [
"organizations:ListAccountsForParent"
],
"Resource": [
"*"
]
}
]
}
}
]
}
}
}
}
You can’t perform that action at this time.