Can I pass JSON policy file as parameter value to s3bucket policy

428 Views Asked by Victor At 04 April 2025 at 10:32

Wondering if it's possible to have a policy defined in a .json file generated by the AWS policy generator and have that file passed into the cloudformation s3bucket policy as a parametervalue.

So the policy.json file looks something like the following:

{
  "Id": "Policyid",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmtid",
      "Action": [
        "s3:Get*",
        "s3:List*"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::<bucket name>",
      "Principal": {
        "AWS": [
          "<user>"
        ]
      }
   }
 ]
}

Now I want to call with something like this

aws cloudformation create-stack --stack-name mystack --template-body file:///mystackcreation.json --parameter ParameterKey=PolicyDocument,ParameterValue=policy.json

Where mystackcreation.json is a test file which looks like

{
  "Parameters": {
    "PolicyDocument": {
    "Type": "String",
    "Description": ""
  }
},

"Resources" : {
  "S3BucketPolicy" : {
    "Type" : "AWS::S3::BucketPolicy",
    "Properties" : {
      "Bucket" : mybucket,
      "PolicyDocument" : { "Ref" : "PolicyDocument" }
      }
    }
  }
}

Original Q&A

Can I pass JSON policy file as parameter value to s3bucket policy

There are 0 best solutions below

Related Questions in JSON

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-S3

Related Questions in AWS-CLOUDFORMATION

Related Questions in POLICY

Trending Questions

Popular # Hahtags

Popular Questions