pub fn generate_aws_initial_setup_policy(
context: &PermissionContext,
) -> Result<AwsIamPolicy>Expand description
Generate a merged AWS IAM policy document containing setup provision permissions for the given platform.
This generates a complete setup policy covering every Frozen/setup resource type that setup can create. It intentionally excludes Live-only resources, which are created by Alien after setup.
Customer-facing output: “here’s the IAM policy you need to attach to
your admin role before running alien deploy up.”