In order to deploy the CloudFormation template, you will need to be running with a role in the AWS CLI or Console that has the correct permissions. Broadly speaking, your role needs to be able to:
If you do not have the required permissions, the stack deployment will fail and rollback. If this occurs, you'll need to get a user with permission to perform the above actions.
The CloudFormation template that we provide creates resources in your account. These resources give GorillaStack's AWS account to perform actions on your behalf in your AWS account.
The main resource is an IAM Role. Roles are typically assigned to principals (users or resources in an AWS account) to grant a set of permissions to that principal to perform actions in an AWS account. In this case, the principal is GorillaStack's AWS account, specified as part of the AssumeRole policy document in the Role.