Adding managed policy aws with cdk

Time:01-26

I am trying to add a managed policy to a role that contains an account id:

    const role = iam.Role.fromRoleArn(
      this,
      'Role',
      `arn:aws:iam::${cdk.Stack.of(this).account}:role/example-role`,
    );

    role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonDynamoDBFullAccess'));
    role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonKinesisFullAccess'));

On the AWS console I can't see the policy being added to the role.

FYI, my aws-cli is logged in with the right account.

CodePudding user response:

Unfortunately, CDK cannot modify imported resources. So the changes will go through, but will have no effect.

The proper way is to create the role with CDK, and add the policy in the same place where you're creating the role.

Here's a relevant excerpt from the documentation:

Although you can use an imported resource anywhere, you cannot modify the imported resource. For example, calling addToResourcePolicy (Python: add_to_resource_policy) on an imported s3.Bucket does nothing.
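One way to confirm what a deployment will actually attach is to inspect the template that `cdk synth` produces. The following is an added example, not code from the original post or from the CDK project: a stack that only imports the role synthesizes no `AWS::IAM::Role` resource, so every expected policy is reported missing. The function names and both sample templates are constructed for illustration, and the role is assumed to be declared with an explicit `RoleName`.

```typescript
// Added example. Input is the JSON template that `cdk synth` writes for a stack.
type Resource = { Type: string; Properties?: { [key: string]: unknown } };
type Template = { Resources?: { [logicalId: string]: Resource } };

// Render one ManagedPolicyArns entry as text. CDK writes AWS managed policy ARNs as
// {"Fn::Join": ["", ["arn:", {"Ref": "AWS::Partition"}, ":iam::aws:policy/<Name>"]]}.
function arnText(entry: unknown): string {
  if (typeof entry === 'string') return entry;
  if (entry === null || typeof entry !== 'object') return '';
  const node = entry as { [key: string]: unknown };
  const join = node['Fn::Join'];
  if (Array.isArray(join) && Array.isArray(join[1])) {
    return (join[1] as unknown[]).map(arnText).join(String(join[0]));
  }
  return typeof node['Ref'] === 'string' ? '${' + node['Ref'] + '}' : '';
}

// Names from `expected` that no AWS::IAM::Role resource named `roleName` carries.
function missingManagedPolicies(template: Template, roleName: string, expected: string[]): string[] {
  const resources = template.Resources || {};
  const attached: string[] = [];
  Object.keys(resources).forEach((id) => {
    const res = resources[id];
    const props = (res && res.Properties) || {};
    if (!res || res.Type !== 'AWS::IAM::Role' || props['RoleName'] !== roleName) return;
    const arns = props['ManagedPolicyArns'];
    (Array.isArray(arns) ? arns : []).forEach((entry: unknown) => {
      const text = arnText(entry);
      const at = text.lastIndexOf(':policy/');
      if (at >= 0) attached.push(text.slice(at + ':policy/'.length));
    });
  });
  return expected.filter((name) => attached.indexOf(name) < 0);
}

const awsManaged = (name: string) =>
  ({ 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/' + name]] });
// Constructed sample: stack that only imports example-role, so no role is synthesized.
const importedTemplate: Template = { Resources: { CDKMetadata: { Type: 'AWS::CDK::Metadata' } } };
// Constructed sample (trimmed): stack that declares example-role itself with both policies.
const ownedTemplate: Template = {
  Resources: {
    ExampleRole: {
      Type: 'AWS::IAM::Role',
      Properties: {
        RoleName: 'example-role',
        ManagedPolicyArns: [awsManaged('AmazonDynamoDBFullAccess'), awsManaged('AmazonKinesisFullAccess')],
      },
    },
  },
};
const wanted = ['AmazonDynamoDBFullAccess', 'AmazonKinesisFullAccess'];
```

In practice the template would be read from the `cdk.out` directory after `cdk synth`, and a non-empty result would fail the pipeline before deployment.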
