Permission errors when creating a stack

0

Hello

I am trying to create a stack in AWS and wanted to know if there is a better way of adding the required permissions for the stack to complete than just trying to create the stack, viewing the permission error, adding the permission to the user, and trying to create the stack again. (Essentially trial and error)

I have done this about 40 times (have amassed 35 permissions!) and wanted to know is there a better way?

Thanks in advance.

Mihailo

asked 6 months ago, 167 views
1 Answer
3

Hi,

What you can do to be faster:

  1. Execute your stack creation under a role with all privileges to allow it to go through.
  2. Then go to CloudTrail to see all API calls made during the creation by CloudFormation.
  3. Create a role with exactly the IAM authorizations corresponding to the API calls.

That is the fastest way I know to be able to define a role for CFN with least privileges.

Best,

Didier

AWS EXPERT
answered 6 months ago
EXPERT
reviewed 6 months ago
EXPERT
reviewed 6 months ago
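
The three steps in the answer above can be scripted. The following is an added example, not code from the original post or from AWS: it takes CloudTrail records, keeps the calls CloudFormation made, and turns them into a policy document. The function names, the `SAMPLE` records (constructed) and the `invokedBy` / `sourceIPAddress` filter are assumptions of this example.

```python
import json
import re

# Assumption: calls CloudFormation makes on your behalf carry this marker.
CFN = "cloudformation.amazonaws.com"

# CloudTrail eventSource does not always equal the IAM service prefix.
# Partial map; extend it for the services your template uses.
PREFIX_OVERRIDES = {"monitoring.amazonaws.com": "cloudwatch"}

def records_from_log(text):
    """Parse one CloudTrail log file body (top-level 'Records' array)."""
    return json.loads(text)["Records"]

def made_by_cloudformation(record):
    identity = record.get("userIdentity", {})
    return identity.get("invokedBy") == CFN or record.get("sourceIPAddress") == CFN

def iam_action(record):
    """Map one record to an IAM action such as 's3:CreateBucket'."""
    source = record["eventSource"]
    prefix = PREFIX_OVERRIDES.get(source, source.split(".")[0])
    # Lambda logs versioned names (CreateFunction20150331); drop the suffix.
    name = re.sub(r"\d{8}(v\d+)?$", "", record["eventName"])
    return f"{prefix}:{name}"

def build_policy(records):
    """Build a policy from every call CloudFormation made, failed ones included."""
    actions = sorted({iam_action(r) for r in records if made_by_cloudformation(r)})
    statement = {"Effect": "Allow", "Action": actions,
                 "Resource": "*"}  # narrow to the stack's ARNs before use
    return {"Version": "2012-10-17", "Statement": [statement]}

def _rec(source, name, by_cfn=True):
    # Constructed sample record with only the fields used above.
    ip = CFN if by_cfn else "203.0.113.10"
    ident = {"invokedBy": CFN} if by_cfn else {"type": "IAMUser"}
    return {"eventSource": source, "eventName": name,
            "sourceIPAddress": ip, "userIdentity": ident}

SAMPLE = [
    _rec("s3.amazonaws.com", "CreateBucket"),
    _rec("lambda.amazonaws.com", "CreateFunction20150331"),
    _rec("monitoring.amazonaws.com", "PutMetricAlarm"),
    _rec("iam.amazonaws.com", "CreateRole"),
    _rec("iam.amazonaws.com", "CreateRole"),               # duplicate call
    _rec("ec2.amazonaws.com", "DescribeInstances", False),  # unrelated user call
]

if __name__ == "__main__":
    print(json.dumps(build_policy(SAMPLE), indent=2))
```

`iam:PassRole` is a permission rather than an API call, so it never shows up in CloudTrail and has to be added by hand when the stack passes roles to services. Object-level S3 calls are data events and are only recorded if the trail has them enabled.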
