Hi everyone I am playing around with kotless So far so good kotlinlang #kotless

Channels

fluid-libraries

jhipster-kotlin

effectivekotlin

effective-kotlin

android-architecture

algolialibraries

stayhungrystayfoolish

pattern-matching

kotlin-data-storage

skia-wasm-interop-temp

squarelibraries

beepiz-libraries

cscenter-course-2016

kotlin-foundation

compose-android

lambdaworld_cadiz

kotlin-pakistan

java-to-kotlin-refactoring

event21-community-content

fb-internal-demo

kotlinprogrammers

kotlinx-datetime

framework-elide

github-workflows-kt

library-development

arrow-contributors

spring-security

pocketgitclient

domain-driven-design

swiss-user-group

refactoring-to-kotlin

ohio-kotlin-users

introduce-yourself

kotlin-by-example

kotlin-multiplatform-contest

graviton-browser

tricity-kotlin-user-group

kotlin-in-action

android-databinding

kotlintest-devs

cincinnati-user-group

codemash-precompiler

kotlingforbeginners

prozis-android-backup

realworldkotlin

connect-audit-events

russian-kotlinasfirst

androidgithubprojects

intellij-tricks

machinelearningbawas

swagger-gradle-codegen

100daysofkotlin

competitive-programming

compose-ui-showcase

androidx-xprocessing

navigation-architecture-component

strife-discord-lib

embedded-kotlin

image-processing

myndocs-oauth2-server

leedskotlinusergroup

kotest-contributors

practical-functional-programming

kotlinultimatechallenge

k2-early-adopters

kotlinforbeginners

compose-desktop

competitivecoding

100daysofkotlin-2021

refreshversions

language-evolution

jvm-ir-backend-feedback

python-contributors

codingconventions

sofl-user-group

getting-started

language-proposals

intellij-plugins

Title

á

Álvaro Blázquez Checa

12/22/2021, 4:39 PM

Hi everyone. I am playing around with kotless. So far so good. And I am deploying my test project to aws. In order to do that I am trying to use an aws role with minimal permissions. In a real project could be problematic to use a role with full admin permissions.

For the most basic project kotless creates roles to enable lambada execution etc. But if you give iam:CreateRole permissions to “deployer role” you are giving pretty much everything to it.

has anyone faced this problem. Is there anyway to approach this without using roles or users with too broad permissions?

One solution I was thinking about is creating roles beforehand and importing them with terraform

this would imply manual step configuration before statarting with your CI/CD automation

but it is assumable

5 Views