Feature/Option: VPC

[ryan-roemer]

• [ ] vpc_iam IAM policies
• [ ] vpc_infra The actual VPC (Maybe split out to separate module if bring your own VPC?)
• [ ] vpc includes both vpc_iam and vpc_infra? Or don't do vpc_infra and just document how to do a standard VPC and attach it in README.

Example CloudFormation IAM policies:

Resources:

  IamPolicyDeveloper:
    Properties:
      PolicyDocument:
        Statement:
        # VPC: Get VPC information in order to be able to deploy serverless
        # with `vpc:` configuration references.
        # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-policies-ec2-console.html
        - Effect: "Allow"
          Action:
          - ec2:DescribeSecurityGroups
          - ec2:DescribeVpcs
          - ec2:DescribeSubnets
          Resource:
          # Must be wildcard: https://iam.cloudonaut.io/reference/ec2.html
          - "*"

  IamPolicyLambdaExecution:
    Properties:
      PolicyDocument:
        Statement:
        # VPC: Create the VPC connection
        # https://docs.aws.amazon.com/lambda/latest/dg/vpc.html
        - Effect: "Allow"
          Action:
          - ec2:CreateNetworkInterface
          - ec2:DescribeNetworkInterfaces
          - ec2:DeleteNetworkInterface
          Resource:
          # Must be wildcard: https://iam.cloudonaut.io/reference/ec2.html
          - "*"