Create an IAM User

From @jayair on Mon Apr 10 2017 00:56:53 GMT+0000 (UTC)

Link to chapter - http://serverless-stack.com/chapters/create-an-iam-user.html

Copied from original issue: https://github.com/AnomalyInnovations/serverless-stack-com/issues/13

From @SherpaPsy on Thu Apr 20 2017 08:28:59 GMT+0000 (UTC)

I wonder if there is a way to reduce the security exposure this creates. I am going to do the cli development and testing on a small ec2 instance (which can be stopped and started to keep costs down), and assign a role to it rather than using credentials. This also bypasses the need to install the aws cli, and hopefully won’t present any issues installing required software!

It does not sound a good idea to me to grant admin permissions to serverless that can be triggered by any developer in continuous integration to execute custom script.
Is there a more limited policy version you recommend?
Should we separate the policy for cloud formation and the policy to deploy lambdas into existing resources?

Yeah for sure. These are meant to be used on your local machine.

For ones that you want to use in your CI, I would create a more restricted role. We talk about it a little here - https://seed.run/docs/customizing-your-iam-policy