Last active
April 13, 2018 21:56
-
-
Save adrianhall/1283004aa44676a062f2a1eac121f023 to your computer and use it in GitHub Desktop.
Some resources in CloudFormation for creating the Cognito SNS Role
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SNSRole: | |
| Type: AWS::IAM::Role | |
| Description: "An IAM Role to allow Cognito to send SNS messages" | |
| Properties: | |
| RoleName: !Sub ${APIName}-cognito-sns-role | |
| ManagedPolicyArns: | |
| - Ref: CognitoSNSPolicy | |
| AssumeRolePolicyDocument: | |
| Version: 2012-10-17 | |
| Statement: | |
| - Effect: Allow | |
| Action: | |
| - sts:AssumeRole | |
| Principal: | |
| Service: | |
| - cognito-idp.amazonaws.com | |
| DependsOn: | |
| - CognitoSNSPolicy | |
| CognitoSNSPolicy: | |
| Type: AWS::IAM::ManagedPolicy | |
| Properties: | |
| Description: Managed policy to allow Amazon Cognito to access SNS | |
| PolicyDocument: | |
| Version: 2012-10-17 | |
| Statement: | |
| - Effect: Allow | |
| Action: sns:publish | |
| Resource: "*" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment