minor: Create VM Import/Export role/permissions

Author: ab77

.github/workflows/flowzone.yml

@@ -45,51 +45,6 @@ jobs:
       GH_APP_PRIVATE_KEY: ${{ secrets.GH_APP_PRIVATE_KEY }}
     with:
       jobs_timeout_minutes: 60
-      repo_config: true
       repo_description: "AWS/GitOps automation"
       repo_enable_auto_merge: true
       repo_enable_merge_commit: true
-      cloudformation_templates: >
-        {
-          "stacks": [
-            {
-              "name": "github-oidc-belodetek",
-              "template": "aws/aws-cf-templates/operations/github-openid-connect.yaml",
-              "params": [
-                "GitHubRestriction=repo:belodetek/cfn-generic-custom-resource:*,repo:belodetek/.github:*",
-                "RoleMaxSessionDuration=43200",
-                "ManagedPolicyArns=arn:aws:iam::aws:policy/AWSCloudFormationFullAccess,arn:aws:iam::aws:policy/AmazonS3FullAccess,arn:aws:iam::aws:policy/IAMFullAccess,arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser,arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicPowerUser"
-              ],
-              "tags": [
-                "Name=github-oidc",
-                "Environment=belodetek",
-                "cost-function=shared",
-                "cost-type=iam"
-              ],
-              "capabilities": [
-                "CAPABILITY_IAM",
-                "CAPABILITY_NAMED_IAM"
-              ],
-              "role": "arn:aws:iam::312433241086:role/github-oidc-belodetek-Role-exdwzug18ntp"
-            },
-            {
-              "name": "cloudformation-s3-resources-playground",
-              "template": "aws/aws-cf-templates/state/s3.yaml",
-              "params": [
-                "BucketName=cfn-601eb2aa-79a1-11ee-a866-0efcede062c7-us-east-1",
-                "Versioning=false"
-              ],
-              "tags": [
-                "Name=cloudformation-s3-resources",
-                "Environment=belodetek",
-                "cost-function=shared",
-                "cost-type=cloudformation"
-              ],
-              "capabilities": [
-                "CAPABILITY_IAM",
-                "CAPABILITY_NAMED_IAM"
-              ],
-              "role": "arn:aws:iam::312433241086:role/github-oidc-belodetek-Role-exdwzug18ntp"
-            }
-          ]
-        }

aws-cf-templates.yaml

@@ -0,0 +1,31 @@
+---
+stacks:
+  - name: github-oidc-belodetek
+    template: aws/aws-cf-templates/operations/github-openid-connect.yaml
+    params:
+      - GitHubRestriction=repo:belodetek/cfn-generic-custom-resource:*,repo:belodetek/.github:*
+      - RoleMaxSessionDuration=43200
+      - ManagedPolicyArns=arn:aws:iam::aws:policy/AWSCloudFormationFullAccess,arn:aws:iam::aws:policy/AmazonS3FullAccess,arn:aws:iam::aws:policy/IAMFullAccess,arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser,arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicPowerUser
+    tags:
+      - Name=github-oidc
+      - Environment=belodetek
+      - cost-function=shared
+      - cost-type=iam
+    capabilities:
+      - CAPABILITY_IAM
+      - CAPABILITY_NAMED_IAM
+    role: arn:aws:iam::312433241086:role/github-oidc-belodetek-Role-exdwzug18ntp
+  - name: cloudformation-s3-resources-playground
+    template: aws/aws-cf-templates/state/s3.yaml
+    params:
+      - BucketName=cfn-601eb2aa-79a1-11ee-a866-0efcede062c7-us-east-1
+      - Versioning=false
+    tags:
+      - Name=cloudformation-s3-resources
+      - Environment=belodetek
+      - cost-function=shared
+      - cost-type=cloudformation
+    capabilities:
+      - CAPABILITY_IAM
+      - CAPABILITY_NAMED_IAM
+    role: arn:aws:iam::312433241086:role/github-oidc-belodetek-Role-exdwzug18ntp