Role - Create Policy & Attach

", "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [".amazonaws.com"] }, "Action": ["sts:AssumeRole"] } ] }, "Path": "/" } }, "RolePolicies": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyName": "", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "", "Resource": "*" } ] }, "Roles": [ { "Ref": "Role" } ] } }, "RootInstancePr"> ", "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [".amazonaws.com"] }, "Action": ["sts:AssumeRole"] } ] }, "Path": "/" } }, "RolePolicies": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyName": "", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "", "Resource": "*" } ] }, "Roles": [ { "Ref": "Role" } ] } }, "RootInstancePr"> ", "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [".amazonaws.com"] }, "Action": ["sts:AssumeRole"] } ] }, "Path": "/" } }, "RolePolicies": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyName": "", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "", "Resource": "*" } ] }, "Roles": [ { "Ref": "Role" } ] } }, "RootInstancePr">

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "Role": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "RoleName": "<Role-Name>",
        "AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Principal": {
                "Service": ["<service name>.amazonaws.com"]
              },
              "Action": ["sts:AssumeRole"]
            }
          ]
        },
        "Path": "/"
      }
    },
    "RolePolicies": {
      "Type": "AWS::IAM::Policy",
      "Properties": {
        "PolicyName": "<Policy-Name>",
        "PolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Action": "<Action>",
              "Resource": "*"
            }
          ]
        },
        "Roles": [
          {
            "Ref": "Role"
          }
        ]
      }
    },
    "RootInstanceProfile": {
      "Type": "AWS::IAM::InstanceProfile",
      "Properties": {
        "Path": "/",
        "Roles": [
          {
            "Ref": "Role"
          }
        ]
      }
    }
  },
  "Outputs": {
    "Role": {
      "Description": "Role-Name",
      "Value": { "Ref": "Role" },
      "Export": {
        "Name": { "Fn::Sub": "${AWS::StackName}-Role" }
      }
    },
    "Policy": {
      "Description": "Policy-Name",
      "Value": { "Ref": "RolePolicies" },
      "Export": {
        "Name": { "Fn::Sub": "${AWS::StackName}-Policy" }
      }
    }
  }
}