I meet a problem when I try to deploy the serverless stack. For now, I have multiple:
- No IAM User that I can use for deploying
- An IAM Role with Admin privilege to be assumed by the central account
- the Account that the serverless stack is deployed
and a Central AWS Account:
- have IAM user to assume the IAM role in the Customer Accounts
And all the deployment is executed by Docker and Jenkins. So my question is how could I to use the AWS Credentials(access key and secret access key for the IAM user in the central AWS account) to deploy the serverless stack in the customer AWS Account?
For now, it throws out error:
User: arn:aws:iam::central_account:user/central-iam-user is not authorized to perform: cloudformation:ListStackResources on resource: arn:aws:cloudformation:us-east-1:customer-account:stack/project-name/*
Appreicated to the help of any kinds.