lambda-tools
Version:
Scripts for working with AWS Lambda backed microservices
132 lines (131 loc) • 3.93 kB
JSON
{
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"aaProjectName": {
"Type": "String",
"Default": "",
"AllowedValues": []
},
"aaStage": {
"Type": "String",
"Default": "dev"
},
"aaRegion": {
"Type": "String",
"Default": "us-east-1"
}
},
"Resources": {
"IamRoleLambda": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/"
}
},
"IamInstanceProfileLambda": {
"Type": "AWS::IAM::InstanceProfile",
"DependsOn": [
"IamRoleLambda"
],
"Properties": {
"Path": "/",
"Roles": [
{
"Ref": "IamRoleLambda"
}
]
}
},
"IamGroupLambda": {
"Type": "AWS::IAM::Group",
"Properties": {
"Path": "/"
}
},
"IamPolicyLambda": {
"Type": "AWS::IAM::Policy",
"DependsOn": [
"IamRoleLambda",
"IamGroupLambda"
],
"Properties": {
"PolicyName": {
"Fn::Join": [
"_-_",
[
{
"Ref": "aaStage"
},
{
"Ref": "aaProjectName"
},
"lambda"
]
]
},
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": {
"Fn::Join": [
":",
[
"arn:aws:logs",
{
"Ref": "AWS::Region"
},
"*:*"
]
]
}
}
]
},
"Roles": [
{
"Ref": "IamRoleLambda"
}
],
"Groups": [
{
"Ref": "IamGroupLambda"
}
]
}
}
},
"Outputs": {
"IamRoleArnLambda": {
"Description": "ARN of the lambda IAM role",
"Value": {
"Fn::GetAtt": [
"IamRoleLambda",
"Arn"
]
}
}
}
}