Skip to content

Commit

Permalink
Add permissions to assume cdk roles
Browse files Browse the repository at this point in the history
  • Loading branch information
@tnielsen2
tnielsen2 committed Jan 9, 2025
1 parent e309b04 commit dc1a0b9
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions lib/wmaug-management-infrastructure-sso.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,18 @@ export class Sso extends cdk.Stack {
const wmaugMemberPermissionSet = new sso.CfnPermissionSet(
this,
"wmaugMemberPermissionSet",
// allow members to assume deploy roles for manual deployment
{
inlinePolicy: {
Version: "2012-10-17",
Statement: [
{
Effect: "Allow",
Action: "sts:AssumeRole",
Resource: "arn:aws:iam::*:role/cdk-*",
},
],
},
instanceArn: instanceArnParam.valueAsString,
name: "wmaugMemberPermissionSet",
description: "Permission set WMAUG members will use",
Expand Down

0 comments on commit dc1a0b9

Please sign in to comment.