create IAM policy and role
gkpty opened this issue · comments
In the stack create an IAM policy and role.
The IAM policy should contain all permissions for read/write/list for the following resources (if they are included in stack)
- CloudFormationStack
- RootBucket
- WwwBucket
- HostedZone
- AcmCertificate
- CloudFrontDist
Additionally it should allow users to add a new policy to an IAM group (when they deploy a new stack)