Add IAM role(s)

[jbarciauskas]

Design an IAM policy that covers all the required access here and include it in the cloudformation template

[andreaswittig]

Are you asking for an IAM policy granting access to all the actions required to roll out the CloudFormation stacks?

[michaelwittig]

duplicate fo #7 ?

[jbarciauskas]

This is more about an IAM policy that covers administering the resources created by the stack, than the CloudFormation itself (though maybe it/s the same thing?)

[jbarciauskas]

I'm also misusing terms: I really mean role. I could see splitting this in two: An IAM role to bootstrap CF (so you don't have to do it as root) and then an IAM role for administration/accessing various mastodon resources