Create an IAM Role for AMS to Use - AMS Advanced Onboarding Guide

Create an IAM Role for AMS to Use

  1. Your AMS Cloud Architect provides you with a JSON or YAML file that contains the IAM role AMS uses for creating infrastructure.

    Or you can use this to create the file yourself:

    { "AWSTemplateFormatVersion": "2010-09-09", "Description": "AMS Onboarding Role stack (for Prod)", "Parameters": {}, "Conditions": {}, "Resources": { "OnboardingRole": { "Type": "AWS::IAM::Role", "Properties": { "RoleName": "aws_managedservices_onboarding_role", "ManagedPolicyArns": ["arn:aws:iam::aws:policy/AdministratorAccess"], "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [{ "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "AWS": ["328792436863"] } }] } } } } }
  2. Sign in to the AWS Management Console and open the AWS CloudFormation console at

  3. Choose Create Stack. You see the following page.

  4. Choose Upload a template file, upload the JSON or YAML file of the IAM role, and then choose Next. You see the following page.

  5. Enter ams-onboarding-role into the Stack name section and continue scrolling down and selecting next until you reach this page.

  6. Make sure the check box is selected and then select Create Stack.

  7. Make sure the stack was created successfully.