- log in to security tooling AWS account
- select IAM, policies, create policy
- choose JSON
- copy and paste the Domain Protect deploy policy
- replace
TERRAFORM_STATE_BUCKETwith your Terraform state S3 bucket name - replace
TERRAFORM_STATE_KEYwithdomain-protect - replace
SECURITY_AWS_ACCOUNT_IDwith your AccountID - ensure there are no errors or warnings
- press Next: Tags
- press Next: Review
- name policy
domain-protect-deploy - give an appropriate description
- press Create Policy