aws-cloudformation-iam

Solid

Provides AWS CloudFormation patterns for IAM roles, policies, managed policies, permission boundaries, and trust relationships. Use when modeling least-privilege access, cross-account assumptions, service roles, or reusable IAM stacks that other CloudFormation templates consume.

DevOps & Infrastructure | 261 stars | 29 forks | Updated 1 week ago | MIT

Quality Score: 89/100

Stars (weight 20%): 81
Recency (weight 20%): 90
Frontmatter (weight 20%): 70
Documentation (weight 15%): 100
Issue Health (weight 10%): 50
License (weight 10%): 100
Description (weight 5%): 100

Skill Content

# AWS CloudFormation IAM Security

## Overview

Use this skill to model IAM with CloudFormation in a way that stays secure, auditable, and maintainable. The most important design concerns are:

- separating trust policies from permission policies
- preferring roles over long-lived users wherever possible
- keeping least-privilege boundaries readable and reusable

Do not treat `SKILL.md` as a full IAM encyclopedia. Use the bundled references for larger policy examples and service-specific variants.

## When to Use

- Creating IAM roles for Lambda, ECS, EC2, Step Functions, or other AWS services
- Defining inline policies, managed policies, and permission boundaries in CloudFormation
- Modeling cross-account assume-role access with constrained trust policies
- Exporting IAM role ARNs or managed policy ARNs to downstream stacks
- Reviewing wildcard permissions, boundary drift, or role replacement risk
- Creating reusable IAM stacks for platform or application teams

## Instructions

### 1. Define the trust boundary first

Identify who or what assumes the role (service principal, cross-account principal, or federated identity), then write the trust policy with explicit principals and conditions before adding permissions.

### 2. Grant the minimum permission set

Use inline policies for role-specific access; use managed policies for shared patterns across principals. Scope actions and resources tightly, and use conditions where possible.

### 3. Apply permission boundaries for del...
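The three steps above, worked through end to end as an added example (this is not code from the skill or its bundled references): a cross-account reader role built as a CloudFormation template in JSON form, with the trust policy written first, a tightly scoped inline policy second, a permissions boundary third, and the role ARN exported for downstream stacks. A small audit function then flags the items the skill lists under review (open or unconditioned trust, wildcard actions, `Resource: "*"` without a condition, roles without a boundary) and is run against a deliberately loosened copy for contrast. The account ID, trusted role name, external ID and bucket prefix are constructed placeholders.

```python
import json
import sys

# Constructed placeholder values; replace with your own.
TRUSTED_ACCOUNT_ID = "111122223333"   # account whose role may assume ours
TRUSTED_ROLE_NAME = "ci-deployer"     # the one role in that account we trust
EXTERNAL_ID = "orders-ingest-3f9c"    # hypothetical external ID for the trust
BUCKET_PREFIX = "orders-"             # buckets the role may read from


def policy_doc(*statements):
    return {"Version": "2012-10-17", "Statement": list(statements)}


def build_template():
    # Step 1: trust boundary. Trust the account, pin the caller to one role with
    # aws:PrincipalArn (survives that role being recreated) and require an external ID.
    trust = policy_doc({
        "Effect": "Allow", "Action": "sts:AssumeRole",
        "Principal": {"AWS": f"arn:aws:iam::{TRUSTED_ACCOUNT_ID}:root"},
        "Condition": {
            "ArnEquals": {"aws:PrincipalArn": f"arn:aws:iam::{TRUSTED_ACCOUNT_ID}:role/{TRUSTED_ROLE_NAME}"},
            "StringEquals": {"sts:ExternalId": EXTERNAL_ID}}})
    # Step 2: inline permissions with explicit actions, resource ARNs and a condition.
    permissions = policy_doc(
        {"Sid": "ReadOrderObjects", "Effect": "Allow", "Action": ["s3:GetObject"],
         "Resource": f"arn:aws:s3:::{BUCKET_PREFIX}*/*"},
        {"Sid": "ListOrderBuckets", "Effect": "Allow", "Action": ["s3:ListBucket"],
         "Resource": f"arn:aws:s3:::{BUCKET_PREFIX}*",
         "Condition": {"StringLike": {"s3:prefix": ["inbound/*"]}}})
    # Step 3: permissions boundary, the ceiling for anything attached to the role later.
    boundary = policy_doc({
        "Sid": "BoundaryCeiling", "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:ListBucket", "logs:CreateLogStream", "logs:PutLogEvents"],
        "Resource": [f"arn:aws:s3:::{BUCKET_PREFIX}*", f"arn:aws:s3:::{BUCKET_PREFIX}*/*",
                     {"Fn::Sub": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/orders/*"}]})
    return {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {
            "OrdersReaderBoundary": {"Type": "AWS::IAM::ManagedPolicy",
                                     "Properties": {"PolicyDocument": boundary}},
            # No RoleName: CloudFormation generates one, so a later rename cannot force
            # replacement and two stacks in the account cannot collide on the name.
            "OrdersReaderRole": {"Type": "AWS::IAM::Role", "Properties": {
                "AssumeRolePolicyDocument": trust,
                "PermissionsBoundary": {"Ref": "OrdersReaderBoundary"},   # Ref yields the ARN
                "Policies": [{"PolicyName": "orders-read", "PolicyDocument": permissions}]}}},
        # Export the ARN so downstream stacks ImportValue it instead of hardcoding it.
        "Outputs": {"OrdersReaderRoleArn": {
            "Value": {"Fn::GetAtt": ["OrdersReaderRole", "Arn"]},
            "Export": {"Name": {"Fn::Sub": "${AWS::StackName}-OrdersReaderRoleArn"}}}}}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def audit_template(template):
    """Flag the review items the skill lists: open or unconditioned trust, wildcard
    actions, Resource '*' without a condition, and roles without a boundary."""
    findings, docs = [], []
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::IAM::Role":
            if "PermissionsBoundary" not in props:
                findings.append(f"{name}: role has no PermissionsBoundary")
            for st in _as_list(props["AssumeRolePolicyDocument"]["Statement"]):
                principal = st.get("Principal")
                if principal == "*" or (isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))):
                    findings.append(f"{name}: trust policy allows any principal")
                elif isinstance(principal, dict) and "AWS" in principal and "Condition" not in st:
                    findings.append(f"{name}: account principal trusted without a Condition")
            docs += [(f"{name}/{p['PolicyName']}", p["PolicyDocument"]) for p in props.get("Policies", [])]
        elif res.get("Type") in ("AWS::IAM::ManagedPolicy", "AWS::IAM::Policy"):
            docs.append((name, props["PolicyDocument"]))
    for label, doc in docs:
        for st in _as_list(doc["Statement"]):
            if st.get("Effect") != "Allow":
                continue
            actions = [a for a in _as_list(st.get("Action", [])) if isinstance(a, str)]
            if any(a == "*" or a.endswith(":*") for a in actions):
                findings.append(f"{label} [{st.get('Sid', '?')}]: wildcard Action")
            if "*" in _as_list(st.get("Resource", [])) and "Condition" not in st:
                findings.append(f"{label} [{st.get('Sid', '?')}]: Resource '*' with no Condition")
    return findings


def loose_template():
    """The same role written the way the skill warns against (constructed for contrast)."""
    t = build_template()
    role = t["Resources"]["OrdersReaderRole"]["Properties"]
    del role["PermissionsBoundary"]
    del role["AssumeRolePolicyDocument"]["Statement"][0]["Condition"]
    role["Policies"][0]["PolicyDocument"]["Statement"] = [
        {"Sid": "TooBroad", "Effect": "Allow", "Action": "s3:*", "Resource": "*"}]
    return t


if __name__ == "__main__":
    print(json.dumps(build_template(), indent=2))        # redirect to template.json to deploy
    for finding in audit_template(loose_template()):     # what the careless variant trips
        print("finding:", finding, file=sys.stderr)
```

Redirect the output to `template.json` and deploy it with `aws cloudformation deploy --template-file template.json --stack-name orders-reader --capabilities CAPABILITY_IAM` (the unnamed role only needs `CAPABILITY_IAM`; a fixed `RoleName` would require `CAPABILITY_NAMED_IAM`). The boundary deliberately allows the two `logs:` actions that the inline policy does not grant: effective access is the intersection of the two, so a logging policy can be attached to the role later without anyone being able to widen it past the ceiling. The audit on the hardened template returns no findings, while the loosened copy trips four: missing boundary, unconditioned account trust, `s3:*`, and `Resource: "*"`.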

Details

Author
giuseppe-trisciuoglio
Repository
giuseppe-trisciuoglio/developer-kit
Created
7 months ago
Last Updated
1 week ago
Language
Python
License
MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

iam

AWS Identity and Access Management for users, roles, policies, and permissions. Use when creating IAM policies, configuring cross-account access, setting up service roles, troubleshooting permission errors, or managing access control.

1,111 Updated 5 days ago
itsmostafa
AI & Automation Featured

securing-aws-iam-permissions

This skill guides practitioners through hardening AWS Identity and Access Management configurations to enforce least privilege access across cloud accounts. It covers IAM policy scoping, permission boundaries, Access Analyzer integration, and credential rotation strategies to reduce the blast radius of compromised identities.

12,642 Updated today
mukul975
DevOps & Infrastructure Listed

aws-iam-best-practices

IAM policy review, hardening, and least privilege implementation

335 Updated today
aiskillstore
AI & Automation Featured

aws-iam-best-practices

IAM policy review, hardening, and least privilege implementation

39,227 Updated today
sickn33
DevOps & Infrastructure Solid

aws-cloudformation-security

Provides AWS CloudFormation patterns for security infrastructure including KMS encryption, Secrets Manager, IAM security, VPC security, ACM certificates, parameter security, outputs, and secure cross-stack references. Use when implementing security best practices, encrypting data, managing secrets, applying least privilege IAM policies, securing VPC configurations, managing TLS/SSL certificates, and implementing defense in depth strategies.

261 Updated 1 week ago
giuseppe-trisciuoglio