UNPKG

@incdevco/framework

Version:

node.js lambda framework

github.com/incdevco/incdevco-framework

incdevco/incdevco-framework

79 lines 1.91 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "cloudwatch logs to firehose", "Outputs": { "SubscriptionRoleArn": { "Value": {"Fn::GetAtt": ["SubscriptionRole", "Arn"]} } }, "Parameters": {}, "Conditions": {}, "Mappings": {}, "Resources": { "SubscriptionRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": {"Fn::Join": ["", [ "logs.", {"Ref": "AWS::Region"}, ".amazonaws.com" ]]} }, "Action": "sts:AssumeRole" } ] }, "ManagedPolicyArns": [], "Path": "/", "Policies": [] } }, "SubscriptionPolicy": { "Type": "AWS::IAM::Policy", "DependsOn": [ "SubscriptionRole" ], "Properties": { "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect":"Allow", "Action":[ "firehose:*" ], "Resource":[ {"Fn::Join": ["", [ "arn:aws:firehose:", {"Ref": "AWS::Region"}, ":", {"Ref": "AWS::AccountId"}, ":*" ]]} ] }, { "Effect":"Allow", "Action":[ "iam:*" ], "Resource":[ {"Fn::GetAtt": ["SubscriptionRole", "Arn"]} ] } ] }, "PolicyName": "FirehosePermissions", "Roles": [ {"Ref": "SubscriptionRole"} ] } } } }