nakada0907/daisuke-iam-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10 commits 1 branch 0 tags 44 KiB
Commit graph

10 commits

This branch
This branch
All branches
Author SHA1 Message Date
Daisuke
b565fb3c4b feat: Expand CloudFormation and ELB permissions for infrastructure management 
- Add CloudFormation resource scanning permissions (DescribeResourceScan, ListResourceScans, StartResourceScan)
- Add CloudFormation template generation permissions (CreateGeneratedTemplate, UpdateGeneratedTemplate)
- Add S3 bucket encryption and public access block configuration permissions
- Expand ELB target group management (create, delete, tag, remove tags)
- Add ELB listener and rule management permissions (create, delete, modify)
- Update commit message generator skill documentation with format guidelines
 2026-01-10 19:46:55 +09:00
Daisuke
093489830d feat: add Lambda versioning and alias permissions to CloudFormation role 2026-01-04 14:11:35 +09:00
Daisuke
c23ec5c624 feat: add S3 write role for CLI users 2026-01-04 14:11:13 +09:00
Daisuke
4e533c005d feat: add permissions for ECR, S3, CodePipeline, CodeBuild, Lambda, and API Gateway 2026-01-04 12:40:23 +09:00
Daisuke
5ca77a5360 chore(github): add repository GitHub configuration 2026-01-03 20:34:47 +09:00
Daisuke
d6b591a815 feat(iam): update CloudFormation write role principal and permissions 2026-01-03 20:34:25 +09:00
Daisuke
c6eaeb96fb Subject: infra(roles): update CloudFormation write role permissions 
Body: Adjust IAM permissions in roles/cloudformation-write-role.yaml to ensure
CloudFormation has the required write access for stack operations.
 2026-01-02 18:13:00 +09:00
Daisuke
ebd5d751e2 Add AWS MCP policy and expand CloudFormation role permissions 
- Add new AWS MCP managed policy with permissions for MCP tool invocation
- Extend IAM permissions: add AttachRolePolicy and CreatePolicy actions
- Add ELB permissions for target group modification
- Add ECS permissions for task definition management (register/deregister/tag)
 2026-01-02 16:45:03 +09:00
Daisuke
c4cc90881e feat(iam): extend CloudFormation write role permissions for pipeline and events 
- allow setting ECR repository policies
- add IAM role lifecycle and PassRole permissions
- grant Secrets Manager read access
- enable S3 bucket notification updates
- allow CodePipeline updates
- allow EventBridge rule and target management
 2026-01-01 11:16:58 +09:00
Daisuke
ef8bceff67 Add CloudFormation write IAM role, managed policy, and repository README 2025-12-31 19:52:14 +09:00