Merge branch 'feature/deployment-validation-ci' into 'develop'

Update automated pipeline test to use CloudFormationServiceRole and permission boundary arn

See merge request genaiic-reusable-assets/engagement-artifacts/genaiic-idp-accelerator!318

Author: rstrahan

.gitlab-ci.yml

@@ -16,6 +16,7 @@ image: public.ecr.aws/docker/library/python:3.13-bookworm
 
 stages:
   - developer_tests
+  - deployment_validation
   - integration_tests
 
 developer_tests:
@@ -93,4 +94,23 @@ integration_tests:
     - poetry install
     - make put
     - make wait
+
+deployment_validation:
+  stage: deployment_validation
+  rules:
+    - when: always
+
+  before_script:
+    - apt-get update -y
+    - apt-get install curl unzip python3-pip -y
+    # Install AWS CLI
+    - curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
+    - unzip awscliv2.zip
+    - ./aws/install
+    # Install PyYAML for template analysis
+    - pip install PyYAML
+
+  script:
+    # Check if service role has sufficient permissions for main stack deployment
+    - python3 scripts/validate_service_role_permissions.py