Open matwerber1 opened 3 years ago
Maybe a bit late, but if anyone else comes here with the same question, it is created here
In aws-refarch-cross-account-pipeline/DevAccount/toolsacct-codepipeline-codecommit.yaml
:
Resources:
Role:
Type: AWS::IAM::Role
Properties:
RoleName: !Sub ToolsAcctCodePipelineCodeCommitRole
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
-
Effect: Allow
Principal:
AWS:
- !Ref ToolsAccount
Action:
- sts:AssumeRole
Path: /
The !Sub
there is actually irrelevant (cfn-linter even gives this warning), since there is no variable to substitute. So the !Sub can be removed.
Per link below:
https://github.com/awslabs/aws-refarch-cross-account-pipeline/blob/4f075e88cd5111a77a07d1e48a9ae625985f22cf/ToolsAcct/code-pipeline.yaml#L202
I can't find where this role is actually created, e.g.
AWS::IAM::Role
in CloudFormation. Where is this coming from?