Least Privilege Role for Your AWS Static Site
Let’s say you’ve deployed a static site on our AWS account using Cloudfront and S3, such as described in Automated Static Site Deployment in AWS Using Terraform. When it comes time to update its content or tweak some settings, using an all-powerful AWS admin account is bad security practice (not to mention overkill). The Terraform Module I wrote the terraform-static-site-deploy-role Terraform module to make it easier to set up a role that grants just the right amount of access to manage a site’s AWS resources. What it does is quite simple: ...