resources/ram/managed-policy.yml

ROSTemplateFormatVersion: '2015-09-01'
Description:
  zh-cn: 创建RAM用户并绑定管理策略，策略允许所有操作于所有资源。
  en: Create RAM users and attach management policies, with policies permitting all
    operations on all resources.
Parameters:
  UserName:
    Type: String
    Description: Specifies the user name, containing up to 64 characters.
  PolicyName:
    Type: String
    Description: Policy name.
Resources:
  SubAccount:
    Type: ALIYUN::RAM::User
    Properties:
      UserName:
        Ref: UserName
  ManagePolicy:
    Type: ALIYUN::RAM::ManagedPolicy
    Properties:
      PolicyName:
        Ref: PolicyName
      PolicyDocument:
        Version: '1'
        Statement:
        - Action:
          - '*'
          Resource:
          - '*'
          Effect: Allow
      Users:
      - Fn::GetAtt:
        - SubAccount
        - UserName
    DependsOn: SubAccount
Outputs:
  PolicyName:
    Value:
      Fn::GetAtt:
      - ManagePolicy
      - PolicyName