Amplify lambda access dynamodb api resources policy
"AccessDynamoDBApiResourcesPolicy": { | |
"DependsOn": ["LambdaExecutionRole"], | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyName": "amplify-lambda-execution-policy", | |
"Roles": [ | |
{ | |
"Ref": "LambdaExecutionRole" | |
} | |
], | |
"PolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"dynamodb:BatchWriteItem", | |
"dynamodb:List*", | |
"dynamodb:Query", | |
"dynamodb:Delete*" | |
], | |
"Resource": [ | |
{ | |
"Fn::Sub": [ | |
"arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}", | |
{ | |
"tablename": { | |
"Fn::ImportValue": { | |
"Fn::Sub": "${apiGraphQLAPIIdOutput}:GetAtt:PostTable:Name" | |
} | |
} | |
} | |
] | |
}, | |
{ | |
"Fn::Sub": [ | |
"arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}", | |
{ | |
"tablename": { | |
"Fn::ImportValue": { | |
"Fn::Sub": "${apiGraphQLAPIIdOutput}:GetAtt:CommentTable:Name" | |
} | |
} | |
} | |
] | |
}, | |
{ | |
"Fn::Sub": [ | |
"arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}/index/*", | |
{ | |
"tablename": { | |
"Fn::ImportValue": { | |
"Fn::Sub": "${apiGraphQLAPIIdOutput}:GetAtt:CommentTable:Name" | |
} | |
} | |
} | |
] | |
} | |
] | |
} | |
] | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment