cfn-amplifyRole.yaml

AWSTemplateFormatVersion: '2010-09-09'
Resources:
  AmplifyRole:
    Type: 'AWS::IAM::Role'
    Properties:
      RoleName: amplifyconsole-mcm-backend-role
      Description: IAM Role to deploy amplify mcm Project
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - amplify.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      Path: /
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AdministratorAccess-Amplify
        - arn:aws:iam::aws:policy/IAMReadOnlyAccess
      Policies:
        - PolicyName: communicationmanager-extended-policy
          PolicyDocument: # JSON policy document
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                - "ssm:*"
                - "ssm:AddTagsToResource"
                - "ssm:PutParameter"
                - "ssm:GetParametersByPath"
                - "ssm:GetParameters"
                - "ssm:GetParameter"
                - "iam:CreatePolicy"
                - "iam:CreatePolicyVersion"
                - "iam:AttachRolePolicy"
                Resource: '*'