AWS::IAM::ManagedPolicy:

Properties:
  Description: "\"Managed Policy\""
  Path: "\"/path/\""
  Groups: |
    [ "GroupName" ]
  Roles: |
    [ "role name" ]
  Users: |
    [ "user name" ]
  PolicyDocument: |
    {
      "Version"   => "2012-10-17",
      "Statement" => [
        {
          "Effect" => "Allow",           
          "Action" => "rds:CreateDBInstance",
          "Resource" => FnJoin("", [ "arn:aws:rds:", Ref("AWS::Region"), ":", Ref("AWS::AccountId") , ":db:test*" ]), 
          "Condition" => {
            "StringEquals" => { "rds:DatabaseEngine" => "mysql" }
          }
        },
        {
          "Effect" => "Allow",           
          "Action" => "rds:CreateDBInstance",
          "Resource" => FnJoin("", ["arn:aws:rds:", Ref("AWS::Region"), ":", Ref("AWS::Region"), ":db:test*"]), 
          "Condition" => {
            "StringEquals" => { "rds:DatabaseClass" => "db.t2.micro" }
          }
        }
      ]
    }