patternModerate
What is the purpose of AssumeRolePolicyDocument in IAM?
Viewed 0 times
iamthewhatpurposeassumerolepolicydocument
Problem
I'm confused as to what the purpose of
It seems like to create a role all you need is a parent name that you can attach policies to.
It seems like
What is this doing?
AssumeRolePolicyDocument is.It seems like to create a role all you need is a parent name that you can attach policies to.
It seems like
AssumeRolePolicyDocument is that parent name but somehow there's more to it.What is this doing?
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": ["lambda.amazonaws.com"]
},
"Action": ["sts:AssumeRole"]
}
]
}Solution
The purpose of the
In your example it's granting the Lambda service the ability to assume
References
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html
https://docs.aws.amazon.com/cli/latest/reference/iam/create-role.html
AssumeRolePolicyDocument is to contain the trust relationship policy that grants an entity permission to assume the role.In your example it's granting the Lambda service the ability to assume
References
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html
https://docs.aws.amazon.com/cli/latest/reference/iam/create-role.html
Context
StackExchange DevOps Q#5094, answer score: 16
Revisions (0)
No revisions yet.