Closed briri closed 10 months ago
Thanks Brian - I added this to the UC3 Operations & Infrastructure Board
https://github.com/orgs/CDLUC3/projects/8/views/1
From: Brian Riley @.> Sent: Wednesday, September 28, 2022 10:46 AM To: CDLUC3/dmp-hub-cfn @.> Cc: Subscribed @.***> Subject: [CDLUC3/dmp-hub-cfn] Review IAM Roles and Policies (Issue #1)
CAUTION: EXTERNAL EMAIL
Review and scale back IAM Roles and Policies
— Reply to this email directly, view it on GitHubhttps://github.com/CDLUC3/dmp-hub-cfn/issues/1, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAGF4L3C5FN4CHO6TUIVBYLWAR76PANCNFSM6AAAAAAQYAL5BY. You are receiving this because you are subscribed to this thread.Message ID: @.***>
Marisa needs to request increased permissions for visibility in AWS Console to create budgets and cost monitors
Review and scale back IAM Roles and Policies
In most cases we used FullAccess for IAM permissions. We should coordinate with IAS to determine how to review the permissions that have actually been used by each resource and scale back the CF templates (and SAM template).