Giters

gabrielkoo / aws-systemmanager-automation-roles

Generate IAM Roles for AWS System Manager Automation Documents

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

awsaws-configaws-config-rulesaws-systemmanageraws-automationaws-iamaws-roleiamdevops

aws-systemmanager-automation-roles

This repo contains a python script that generates a CloudFormation template defines roles that could be used by AWS System Manager's automation documents. Custom roles are sometimes required when the steps of an automation document contains the type aws:executeAwsApi, which could not be run by the default SSM service role.

These special roles correspond to some SSM Automation Documents, which could in fact be used in AWS Config automatic remedations.

# install dependencies
pip install -r requirements.txt

# configure your credentials here.
# permission for the user / role needed:
# - ssm:ListDocuments
# - ssm:GetDocument
aws configure

# save the CloudFormation template into file
python generate_roles.py > automation-roles.yml

About

Generate IAM Roles for AWS System Manager Automation Documents

awsaws-configaws-config-rulesaws-systemmanageraws-automationaws-iamaws-roleiamdevops

License:MIT License

Languages

Language:Python 100.0%