Skip to content

Principle of least privilege for IAM roles #89

Description

@samhstn

Currently we have some * permissions for our iam roles. It would be better to specify exactly which permissions we want to allow.

Places this should be addressed:

https://github.com/samhstn/samhstn/blob/1bcaf9deb2814ecb1c7695aebd3cba74964f70e8/infra/root/route53role.yml#L24-L27
https://github.com/samhstn/samhstn/blob/1bcaf9deb2814ecb1c7695aebd3cba74964f70e8/infra/samhstn/main.yml#L307-L311

Metadata

Metadata

Assignees

No one assigned

    Labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions