create stacks with more generic role things

[awsible] / roles / vpcaccess-infrastructure / files / vpcaccess-policy.json

diff --git a/roles/vpcaccess-infrastructure/files/vpcaccess-policy.json b/roles/vpcaccess-infrastructure/files/vpcaccess-policy.json
new file mode 100644 (file)
index 0000000..acd5795
--- /dev/null
+++ b/roles/vpcaccess-infrastructure/files/vpcaccess-policy.json
@@ -0,0 +1,19 @@
+{
+       "Version": "2012-10-17",
+       "Statement": [
+               {
+                       "Sid": "Stmt1489423268000",
+                       "Effect": "Allow",
+                       "Action": [
+                               "ec2:AssociateAddress",
+                               "ec2:CreateRoute",
+                               "ec2:DeleteRoute",
+                               "ec2:DescribeRouteTables",
+                               "ec2:ModifyNetworkInterfaceAttribute"
+                       ],
+                       "Resource": [
+                               "*"
+                       ]
+               }
+       ]
+}
\ No newline at end of file