By default, zappa has an extremely insecure and hand-wavey approach to permissions, which is to
This gist contains an IAM policy document that can be attached to a role, and/or to an IAM user, that will allow the IAM user to perform all of the ncessary actions required to deploy a zappa function.