it's a good question. At the moment we don't have a specific list, we hope to produce one in the near future.
To provide a bit more context. The specific set of policies will be defined by the AWS services you are deploying. By default, Webiny is deploying an Api Gateway, Lambda functions, S3 and a CloudFront service. However, if you decide to introduce another service say DynamoDB you would need to change the IAM policy. There are permissions that your AWS IAM user has (which is used for deploying the resources), and then there is also a question of limiting the permissions of each of the deployed resources by creating a specific IAM policy for each of them. As you can see it's a complex task, but one that is quite important from the security perspective and it is on our priority list. Best way to stay up to date is to subscribe to our newsletter list on our website, and we will let you know once we release this update.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hi Aleksey,
it's a good question. At the moment we don't have a specific list, we hope to produce one in the near future.
To provide a bit more context. The specific set of policies will be defined by the AWS services you are deploying. By default, Webiny is deploying an Api Gateway, Lambda functions, S3 and a CloudFront service. However, if you decide to introduce another service say DynamoDB you would need to change the IAM policy. There are permissions that your AWS IAM user has (which is used for deploying the resources), and then there is also a question of limiting the permissions of each of the deployed resources by creating a specific IAM policy for each of them. As you can see it's a complex task, but one that is quite important from the security perspective and it is on our priority list. Best way to stay up to date is to subscribe to our newsletter list on our website, and we will let you know once we release this update.