AWSTemplateFormatVersion: "2010-09-09" Description: This template describes an example resource type for an AWS::EC2::VPC resource lookup operation, and an IAM role assumed by CloudFormation to perform resource lookup operations on your behalf. Parameters: Env: Description: Name of the environment you plan to use. Type: String AllowedValues: - dev - alpha - beta - prod Default: alpha Resources: ResourceLookupRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRole Effect: Allow Principal: Service: cloudformation.amazonaws.com Version: "2012-10-17" ManagedPolicyArns: - !Sub 'arn:${AWS::Partition}:iam::aws:policy/ReadOnlyAccess' Path: / RoleName: !Sub 'awscommunity-resource-lookup-setup-${Env}-${AWS::Region}' Tags: - Key: Name Value: AwsCommunityResourceLookup-LookupRole - Key: AppName Value: AwsCommunityResourceLookup TestVpc: Type: AWS::EC2::VPC Properties: CidrBlock: 10.0.0.0/16 EnableDnsHostnames: true EnableDnsSupport: true Tags: - Key: Name Value: TestOnly - Key: AppName Value: TestOnlyApp - Key: Env Value: !Ref 'Env' - Key: Owner Value: !Sub 'contract-test-only-test-team-${Env}' Outputs: ResourceLookupRoleArn: Value: !GetAtt ResourceLookupRole.Arn Export: Name: ResourceLookupRoleArn