alvinypyim
commented
6 years ago Thank you all for the excellent work! Much appreciated!
Closed alvinypyim closed 6 years ago
alvinypyim
commented
6 years ago Thank you all for the excellent work! Much appreciated!
Firstly, thanks for the great work! Stackup can simplify the CloudFormation workflow a lot! But I cannot replace my Bash scripts for deploying CloudFormation stacks with Stackup yet.
It is because I cannot set the Service Role of the stacks as described in here https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-servicerole.html.
I understand that Stackup allows me to specify a role to assume for the stack operation. But it is different from the CloudFormation service role. To me, the key difference is that I can grant the CloudFormation service role to have very broad privileges without directly granting those privileges to the users' role, and the users cannot assume the service role directly. This means that the users are forced to use CloudFormation to manage the AWS resources which is good in terms of IaC compliance.
It will be great if Stackup can support CloudFormation service role. Thanks!