AWSTemplateFormatVersion: 2010-09-09
Resources:
  RootRole:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - lambda.amazonaws.com
                - ec2.amazonaws.com.cn
                - ecs-tasks.amazonaws.com
                - vpc-flow-logs.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      Path: /
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 5a809822-8fad-40ca-bd0f-7aae64ae7b4a
  RolePolicies:
    Type: 'AWS::IAM::Policy'
    Properties:
      PolicyName: rota
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Action: '*'
            Resource: '*'
      Roles:
        - Ref: RootRole
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 41ab1589-d187-45a1-99aa-379280c9f643
  RootInstanceProfile:
    Type: 'AWS::IAM::InstanceProfile'
    Properties:
      Path: /
      Roles:
        - Ref: RootRole
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 15050a6e-6cfb-43ec-b19f-c3c3102187d3