@kencoba
Created September 22, 2024 08:04
AWS CloudFormation template that creates an IAM Role and an InstanceProfile for Session Manager

AWSTemplateFormatVersion: '2010-09-09'
Description: CloudFormation template to create an IAM Role and Instance Profile for EC2 to connect with AWS Systems Manager (Session Manager).
Parameters:
  RoleName:
    Type: String
    Description: Name of the IAM Role for SSM Session Manager.
    Default: SSMRoleForEC2 # You can change the default value or provide it during stack creation
  InstanceProfileName:
    Type: String
    Description: Name of the Instance Profile to associate with the EC2 instance.
    Default: SSMInstanceProfile # You can change the default value or provide it during stack creation
Resources:
  # Create the IAM Role for EC2
  SSMRoleForEC2:
    Type: AWS::IAM::Role
    Properties:
      RoleName: !Ref RoleName # Use the RoleName parameter
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: ec2.amazonaws.com
            Action: sts:AssumeRole
      Path: "/"
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
  # Create the Instance Profile and associate with the IAM Role
  SSMInstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      InstanceProfileName: !Ref InstanceProfileName # Use the InstanceProfileName parameter
      Path: "/"
      Roles:
        - !Ref SSMRoleForEC2
Outputs:
  InstanceProfileName:
    Description: The name of the IAM Instance Profile created for SSM
    Value: !Ref SSMInstanceProfile
  RoleName:
    Description: The IAM Role for SSM Session Manager
    Value: !Ref SSMRoleForEC2