Closed aarcro closed 6 years ago
Have you found that creating roles with specific names is the pattern you follow? We tend to let AWS name our roles for us, and then make sure they are exported. The big reason for this is that whenever you use a *Name
attribute in cloudformation, it comes with the caveat that you can't ever do an operation that results in a replacement of that resource, which can lead to a lot of pain in the future.
I don't require specifically named Roles. I just couldn't workout at the time how to create a role at all.
This isn't setting RoleName, so I don't think that's an issue here, right?
Hey @aarcro - I went ahead and fixed the pep8 error that was in this (long line) and made a small modification to allow the subclassing of this blueprint & overriding a method to generate statements which get attached to a policy.
Thanks for the PR!
Simple solution that can create roles. Other blueprints will have to attach policies as needed.