Specify exact role policies for codebuilds
Closed this issue · 0 comments
samhstn commented
We currently just use the BuildRole
role which has access to more resources than it needs.
We should follow the Grant Least Privilege
best practice principle.
This would involve having 2 or 3 roles in ./infra/codebuild.yaml
with finer grained permissions.