nakada0907/daisuke-iam-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
10 commits 1 branch 0 tags 43 KiB
Find a file
Exact
Daisuke b565fb3c4b feat: Expand CloudFormation and ELB permissions for infrastructure management 
- Add CloudFormation resource scanning permissions (DescribeResourceScan, ListResourceScans, StartResourceScan)
- Add CloudFormation template generation permissions (CreateGeneratedTemplate, UpdateGeneratedTemplate)
- Add S3 bucket encryption and public access block configuration permissions
- Expand ELB target group management (create, delete, tag, remove tags)
- Add ELB listener and rule management permissions (create, delete, modify)
- Update commit message generator skill documentation with format guidelines
2026-01-10 19:46:55 +09:00
.github/skills/commit-message-generator feat: Expand CloudFormation and ELB permissions for infrastructure management 2026-01-10 19:46:55 +09:00
policies feat: Expand CloudFormation and ELB permissions for infrastructure management 2026-01-10 19:46:55 +09:00
roles feat: Expand CloudFormation and ELB permissions for infrastructure management 2026-01-10 19:46:55 +09:00
README.md Add CloudFormation write IAM role, managed policy, and repository README 2025-12-31 19:52:14 +09:00

README.md

CloudFormation Write IAM Definitions

This repository defines IAM roles and policies for safely executing AWS CloudFormation operations via AssumeRole.

  • roles/cloudformation-write-role.yaml IAM role for CloudFormation execution, including ECR import permissions. Assumable by specified IAM Identity Center roles.

  • policies/cloudformation-write-policy.yaml Managed policy granting minimal CloudFormation write access. Intended for use via the execution role, not attached directly to users.