Scope Down Permissions for SOCless Deployment Role
ubaniabalogun opened this issue · comments
SOCless is deployed using the serverless framework. Currently, the IAM permissions needed to deploy SOCless are not defined. This often leads SOCless users to deploy using *
permissions.
To improve the security of the SOCless framework, SOCless needs a permissions template for the SOCless deployment role that SOCless users can use for deployment. The permissions template would ideally provide the least-privilege access needed to successfully deploy SOCless.
Acceptance Criteria:
- A permissions template for the SOCless deployment user/role has been created, tested and added to the SOCless documentation and SOCless code-base
Helpful Resoures:
- This issue on the serverless framework github repo shows how an individual successfully scoped down the permissions they needed to deploy using the serverless framework serverless/serverless#1439
- This blog post discusses IAM permissions for the serverless framework https://www.serverless.com/blog/abcs-of-iam-permissions/