chore(work): add Crossplane examples
This commit is contained in:
David Landry
parent
c3edbddce8
commit
31a9a4ce92
10 changed files with 375 additions and 0 deletions
|
|
@ -0,0 +1,23 @@
|
|||
I'm not sure what permissions are needed to create a UserPool. There is
|
||||
no AWS managed policies for creating/updating/deleting a UserPool. In the
|
||||
description of one of the managed Cognito policies, it says:
|
||||
|
||||
> You will need AWS account admin privileges to create new Cognito resources.
|
||||
|
||||
For my testing, I used the AdministratorAccess managed policy.
|
||||
|
||||
To follow the principle of least privilege, it's not clear which actions
|
||||
Crossplane needs access to it. Here is a list of some areas that it might
|
||||
touch:
|
||||
|
||||
* cognito-identity
|
||||
* cognito-ip
|
||||
* cognito-sync
|
||||
* iam
|
||||
* kinesis
|
||||
* lambda
|
||||
* sns
|
||||
* ses
|
||||
* mobiletargeting
|
||||
* acm
|
||||
* sms-voice
|
||||
Loading…
Add table
Add a link
Reference in a new issue