Amplify lambda access dynamodb api resources policy
| "AccessDynamoDBApiResourcesPolicy": { | |
| "DependsOn": ["LambdaExecutionRole"], | |
| "Type": "AWS::IAM::Policy", | |
| "Properties": { | |
| "PolicyName": "amplify-lambda-execution-policy", | |
| "Roles": [ | |
| { | |
| "Ref": "LambdaExecutionRole" | |
| } | |
| ], | |
| "PolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "dynamodb:BatchWriteItem", | |
| "dynamodb:List*", | |
| "dynamodb:Query", | |
| "dynamodb:Delete*" | |
| ], | |
| "Resource": [ | |
| { | |
| "Fn::Sub": [ | |
| "arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}", | |
| { | |
| "tablename": { | |
| "Fn::ImportValue": { | |
| "Fn::Sub": "${apiGraphQLAPIIdOutput}:GetAtt:PostTable:Name" | |
| } | |
| } | |
| } | |
| ] | |
| }, | |
| { | |
| "Fn::Sub": [ | |
| "arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}", | |
| { | |
| "tablename": { | |
| "Fn::ImportValue": { | |
| "Fn::Sub": "${apiGraphQLAPIIdOutput}:GetAtt:CommentTable:Name" | |
| } | |
| } | |
| } | |
| ] | |
| }, | |
| { | |
| "Fn::Sub": [ | |
| "arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}/index/*", | |
| { | |
| "tablename": { | |
| "Fn::ImportValue": { | |
| "Fn::Sub": "${apiGraphQLAPIIdOutput}:GetAtt:CommentTable:Name" | |
| } | |
| } | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment