Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Include least-privileged-access IAM role for deploying the stack #238

Open
robbycuenot opened this issue May 2, 2023 · 1 comment
Open
Labels
enhancement triaged Has been triaged by solutions team

Comments

@robbycuenot
Copy link

I've deployed this solution successfully using an AWSAdministrator role, however I'd like to create a new role with least-privileged access. Generating this using the access analyzer in a Control Tower account is very clunky, as it is necessary to grant cross-account access to cloudtrail logs in a different account. Can a sample IAM role be added to this repository?

@WillAWS WillAWS added the triaged Has been triaged by solutions team label May 26, 2023
@WillAWS
Copy link
Contributor

WillAWS commented May 26, 2023

Thanks for the enhancement request. We will add this to our backlog to be evaluated for future releases. In the mean time, you could create your custom IAM role in Cloudformation and follow the deployment steps in the readme as a current work around.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement triaged Has been triaged by solutions team
Projects
None yet
Development

No branches or pull requests

2 participants