add cloudformation policy to perform build.yaml cli commands

Author: samhstn

infra/codebuild.yaml

@@ -92,6 +92,13 @@ Resources:
                   - s3:PutObject
                   - s3:DeleteObject
                 Resource: arn:aws:s3:::samhstn.com/*
+              - Effect: Allow
+                Action:
+                  - cloudformation:ValidateTemplate
+                  - cloudformation:GetTemplate
+                  - cloudformation:CreateStack
+                  - cloudformation:UpdateStack
+                Resource: "*"
 
   Push:
     Type: AWS::CodeBuild::Project

infra/master-pipeline.yaml

@@ -44,8 +44,8 @@ Resources:
                   - codebuild:BatchGetBuilds
                   - codebuild:StartBuild
                 Resource:
-                  - !Sub "arn:aws:codebuild:${AWS::Region}:${AWS::AccountId}:project/Test"
                   - !Sub "arn:aws:codebuild:${AWS::Region}:${AWS::AccountId}:project/Build"
+                  - !Sub "arn:aws:codebuild:${AWS::Region}:${AWS::AccountId}:project/Test"
 
   GithubSecretParameter:
     Type: AWS::SecretsManager::Secret