This folder contains an AWS CloudFormation template that creates an IAM Role that IAM Access Analyzer can use to examine CloudTrail logs and generate IAM Policies based on actual usage.
- template.yaml -- CloudFormation template that defines the the IAM Access Analyzer Role
- deploy.sh -- Bash script to deploy the template
See Creating a stack on the AWS CloudFormation console in the AWS CloudFormation documentation.
Setup the AWS CLI, and run the deploy.sh Bash script.
- AWS CLI
cfn-flip: https://github.com/awslabs/aws-cfn-template-flipjq: https://stedolan.github.io/jq/cfn-lint: https://github.com/aws-cloudformation/cfn-python-lint