CloudForms AWS IAM policies
To enable Cloudforms to connect to the AWS provider you need to following policies: AmazonEC2FullAccess AWSConfigUserAccess IAMReadOnlyAccess IAMUserSSHKeys AWSCloudFormationReadOnlyAccess As well as two custom policies CFMESNS { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “sns:*” ], “Resource”: “arn:aws:sns:us-east-1:${AWS-ACCT_ID}:AWSConfig_topic” } ] } CFMESQS { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “sqs:*”…
