commit ca8c19

2026-03-13 03:56:05 Anonymous: created AWS account

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9

`tasks/prerequisites.md` ..
@@ 4,12 4,11 @@

	## AWS

-	- [x] IAM user `wikibot-admin` created with `AdministratorAccess` + `WikibotPermissionsBoundary`
-	- [x] Permissions boundary denies: EC2/RDS/Redshift/SageMaker/EKS/ECS/ElastiCache instances, IAM user/key creation, organizations access, non-us-east-1 regional services
-	- [x] API keys provisioned
+	- [x] Dev account (or sub-account) provisioned
+	- [x] IAM credentials with sufficient permissions for Pulumi (VPC, Lambda, EFS, DynamoDB, API Gateway, S3, CloudFront, Route 53, ACM, CloudWatch, WAF, Budgets)
	- [ ] Credentials available as environment variables or AWS profile
-	- [ ] Budget alarm: $50/mo (create via AWS Budgets console)
-	- [x] Region: us-east-1
+	- [ ] Budget alarm threshold: $50/mo for dev
+	- [ ] Region decided (suggested: us-east-1 for cheapest Lambda + API Gateway)

	## Pulumi

@@ 49,4 48,4 @@
	- [ ] packnplay configured (`packnplay configure` — enable git, ssh, gh, aws credentials)
	- [ ] Dev wiki MCP accessible from container — configure MCP endpoint as `http://host.docker.internal:8190/mcp` (not `localhost`) since container `localhost` is the container itself
	- [ ] Verify: `packnplay run --aws-creds claude` launches and can reach the wiki MCP
-	- [ ] Agent launch command documented: `packnplay run --aws-creds --worktree=<phase> claude --dangerously-skip-permissions`
\	No newline at end of file
+	- [ ] Agent launch command documented: `packnplay run --aws-creds --worktree=<phase> claude --dangerously-skip-permissions`