# CloudFormation Write IAM Definitions

This repository defines IAM roles and policies for safely executing AWS CloudFormation operations via `AssumeRole`.

- `roles/cloudformation-write-role.yaml`
  IAM role for CloudFormation execution, including ECR import permissions.
  Assumable by specified IAM Identity Center roles.

- `policies/cloudformation-write-policy.yaml`
  Managed policy granting minimal CloudFormation write access.
  Intended for use via the execution role, not attached directly to users.
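
The layout described above, sketched as a single CloudFormation template. This is an added illustration, not the contents of the repository's two YAML files. The `PermissionSetName` parameter, the action list and the resource names are assumptions, and the ECR import permissions are left out because this README does not say which actions they cover.

```yaml
# Added illustration; not the repository's own role or policy definitions.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  PermissionSetName:              # hypothetical: Identity Center permission set allowed to assume the role
    Type: String
Resources:
  CloudFormationWritePolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      # No Users/Groups/Roles properties: the policy reaches principals only
      # through the execution role below, never by direct attachment.
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: StackWrite
            Effect: Allow
            Action:               # assumed "minimal write" action set
              - cloudformation:CreateStack
              - cloudformation:UpdateStack
              - cloudformation:DeleteStack
              - cloudformation:CreateChangeSet
              - cloudformation:ExecuteChangeSet
              - cloudformation:DeleteChangeSet
            Resource: !Sub arn:${AWS::Partition}:cloudformation:${AWS::Region}:${AWS::AccountId}:stack/*
  CloudFormationWriteRole:
    Type: AWS::IAM::Role
    Properties:
      MaxSessionDuration: 3600    # one hour, the IAM minimum
      ManagedPolicyArns:
        - !Ref CloudFormationWritePolicy   # Ref on a managed policy returns its ARN
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action: sts:AssumeRole
            Principal:
              AWS: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:root
            Condition:
              # The account-root principal alone would trust every identity in the
              # account; this narrows it to the Identity Center-provisioned role.
              # The wildcard after sso.amazonaws.com/ covers the optional region segment.
              ArnLike:
                aws:PrincipalArn: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/aws-reserved/sso.amazonaws.com/*AWSReservedSSO_${PermissionSetName}_*
```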