For any IAM or Identity Center User running configure, they must have the following permissions.
policy.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "GrantPermissions",
            "Effect": "Allow",
            "Action": [
                "cloudformation:ListStacks",
                "cloudformation:GetTemplateSummary",
                "cloudformation:CreateStack",
                "cloudformation:DeleteStack",
                "cloudformation:DescribeStacks",
                "cloudformation:DescribeStackResources",
                "cloudformation:DescribeStackEvents",
                "cloudformation:ListStackResources",
                "iam:CreateRole",
                "iam:DeleteRole",
                "iam:PutRolePolicy",
                "iam:AttachRolePolicy",
                "iam:DeleteRolePolicy",
                "iam:TagRole",
                "iam:UntagRole",
                "iam:GetRole",
                "iam:UpdateAssumeRolePolicy",
                "iam:CreatePolicy",
                "iam:DeletePolicy",
                "iam:GetPolicy",
                "iam:ListPolicyVersions",
                "iam:CreatePolicyVersion",
                "iam:DeletePolicyVersion",
                "iam:GetPolicyVersion",
                "iam:TagPolicy",
                "iam:UntagPolicy",
                "iam:ListPolicyTags"
            ],
            "Resource": "*"
        },
        {
            "Sid": "DeployAndTeardown",
            "Effect": "Allow",
            "Action": [
                "ecr:CreateRepository",
                "ecr:DescribeRepositories",
                "ecr:DeleteRepository",
                "ecr:PutLifecyclePolicy",
                "eks:DescribeCluster",
                "eks:ListAccessEntries",
                "sqs:CreateQueue",
                "sqs:GetQueueUrl",
                "sqs:SendMessage",
                "s3:ListAllMyBuckets",
                "s3:DeleteObject",
                "s3:PutObject",
                "s3:CreateBucket",
                "s3:DeleteBucket",
                "s3:ListBucket",
                "dynamodb:CreateTable",
                "dynamodb:GetItem",
                "dynamodb:PutItem"
            ],
            "Resource": "*"
        }
    ]
}