nakada0907/daisuke-iam-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
4 commits 1 branch 0 tags 44 KiB
Find a file
Daisuke c6eaeb96fb Subject: infra(roles): update CloudFormation write role permissions 
Body: Adjust IAM permissions in roles/cloudformation-write-role.yaml to ensure
CloudFormation has the required write access for stack operations.
2026-01-02 18:13:00 +09:00
policies Add AWS MCP policy and expand CloudFormation role permissions 2026-01-02 16:45:03 +09:00
roles Subject: infra(roles): update CloudFormation write role permissions 2026-01-02 18:13:00 +09:00
README.md Add CloudFormation write IAM role, managed policy, and repository README 2025-12-31 19:52:14 +09:00

README.md

CloudFormation Write IAM Definitions

This repository defines IAM roles and policies for safely executing AWS CloudFormation operations via AssumeRole.

  • roles/cloudformation-write-role.yaml IAM role for CloudFormation execution, including ECR import permissions. Assumable by specified IAM Identity Center roles.

  • policies/cloudformation-write-policy.yaml Managed policy granting minimal CloudFormation write access. Intended for use via the execution role, not attached directly to users.