Closed ryan-roemer closed 5 years ago
vpc_iam
vpc_infra
vpc
Example CloudFormation IAM policies:
Resources: IamPolicyDeveloper: Properties: PolicyDocument: Statement: # VPC: Get VPC information in order to be able to deploy serverless # with `vpc:` configuration references. # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-policies-ec2-console.html - Effect: "Allow" Action: - ec2:DescribeSecurityGroups - ec2:DescribeVpcs - ec2:DescribeSubnets Resource: # Must be wildcard: https://iam.cloudonaut.io/reference/ec2.html - "*" IamPolicyLambdaExecution: Properties: PolicyDocument: Statement: # VPC: Create the VPC connection # https://docs.aws.amazon.com/lambda/latest/dg/vpc.html - Effect: "Allow" Action: - ec2:CreateNetworkInterface - ec2:DescribeNetworkInterfaces - ec2:DeleteNetworkInterface Resource: # Must be wildcard: https://iam.cloudonaut.io/reference/ec2.html - "*"
vpc_iam
IAM policiesvpc_infra
The actual VPC (Maybe split out to separate module if bring your own VPC?)vpc
includes bothvpc_iam
andvpc_infra
? Or don't dovpc_infra
and just document how to do a standard VPC and attach it in README.Example CloudFormation IAM policies: