Skip to content

Instantly share code, notes, and snippets.

@Console32

Console32/createLambdaRole.ts

Created July 24, 2019 09:18
Show Gist options
  • Save Console32/effe6faa0203d1b9f48efd149f0616cd to your computer and use it in GitHub Desktop.
Save Console32/effe6faa0203d1b9f48efd149f0616cd to your computer and use it in GitHub Desktop.
Download ZIP
medium.bastion-host.createLambdaRole.ts
Raw
createLambdaRole.ts
private createLambdaRole(): iam.Role {
const lambdaDocument = new iam.PolicyDocument();
const associateAddressStatement = new iam.PolicyStatement();
associateAddressStatement.addActions("ec2:AssociateAddress");
associateAddressStatement.addResources();
const logStatement = new iam.PolicyStatement()
logStatement.addActions("logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents");
logStatement.addAllResources()
lambdaDocument.addStatements(associateAddressStatement, logStatement);
return new iam.Role(this, "LambdaExecutionRole", {
assumedBy: new iam.ServicePrincipal("lambda.amazonaws.com"),
inlinePolicies: {
"AllowAssociateAddress": lambdaDocument
}
})
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment