Created
March 24, 2016 06:24
-
-
Save mizucopo/17c2a694c1ac4c3f3057 to your computer and use it in GitHub Desktop.
Serverless CloudFormation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion": "2010-09-09", | |
| "Description": "The AWS CloudFormation template for this Serverless application's resources outside of Lambdas and Api Gateway", | |
| "Resources": { | |
| "IamRoleLambda": { | |
| "Type": "AWS::IAM::Role", | |
| "Properties": { | |
| "AssumeRolePolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Principal": { | |
| "Service": [ | |
| "lambda.amazonaws.com" | |
| ] | |
| }, | |
| "Action": [ | |
| "sts:AssumeRole" | |
| ] | |
| } | |
| ] | |
| }, | |
| "Path": "/" | |
| } | |
| }, | |
| "IamPolicyLambda": { | |
| "Type": "AWS::IAM::Policy", | |
| "Properties": { | |
| "PolicyName": "${stage}-${project}-lambda", | |
| "PolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "logs:CreateLogGroup", | |
| "logs:CreateLogStream", | |
| "logs:PutLogEvents" | |
| ], | |
| "Resource": "arn:aws:logs:${region}:*:*" | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "s3:ListBucket", | |
| "s3:ListAllMyBuckets", | |
| "s3:GetObject" | |
| ], | |
| "Resource": "arn:aws:s3:::*" | |
| } | |
| ] | |
| }, | |
| "Roles": [ | |
| { | |
| "Ref": "IamRoleLambda" | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "Outputs": { | |
| "IamRoleArnLambda": { | |
| "Description": "ARN of the lambda IAM role", | |
| "Value": { | |
| "Fn::GetAtt": [ | |
| "IamRoleLambda", | |
| "Arn" | |
| ] | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment