foundation-super-admin-role.yaml
---

User Roles CloudFormation Deployment

This CloudFormation template will deploy IAM roles for use by Users of this account.

AWSTemplateFormatVersion: 2010-09-09 Description: "UITS Account Foundation: Super Admin IAM Role"

Resources

These are all of the resources deployed by this template.

Resources:

Role

This deploys a role with some tags.

IamSuperAdminRole: Type: AWS::IAM::Role Properties: RoleName: fdn-SuperAdmin AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Federated: !Sub arn:aws:iam::${AWS::AccountId}:saml-provider/UA_Shibboleth_IdP Action: sts:AssumeRoleWithSAML Condition: StringEquals: SAML:aud: https://signin.aws.amazon.com/saml ManagedPolicyArns: - arn:aws:iam::aws:policy/AdministratorAccess

Outputs

Output values that can be viewed from the AWS CloudFormation console.

Outputs: SecurityAnalystRoleArn: Description: The Super Admin role's ARN Value: !GetAtt IamSuperAdminRole.Arn