Document the set of least-required permissions required by Toolkit

[awschristou]

Is your feature request related to a problem? Please describe.

• it should be easy for users to understand what permissions are required for all features provided by the Toolkit (for example: allow lambda:ListFunctions is required so the toolkit can show all Lambda Functions)
• it should be easy (automated or guided walk through) for users to set up these permissions

Describe the solution you'd like Possible ideas, open for discussion:

• An AWS Managed policy
• living documentation, in a markdown file within the repo, containing JSON representing the policy, and instructions on how to define the policy, create a user, and associate user with the policy (instructions likely web console based, but maybe aws cli too)
  • as new/inbound code uses new service calls, the json policy must be updated as well