LaceworkAmazonSecurityLakeEventFunctionRole
LaceworkAmazonSecurityLakeEventFunctionRole:
  Type: AWS::IAM::Role
  Properties:
    # Trust policy: only the Lambda service may assume this role.
    AssumeRolePolicyDocument:
      Version: '2012-10-17'
      Statement:
        - Effect: Allow
          Principal:
            Service: lambda.amazonaws.com
          Action: sts:AssumeRole
    Path: /
    Policies:
      - PolicyName: AWS_AmazonSecurityLake_Operations
        PolicyDocument:
          Version: '2012-10-17'
          Statement:
            # Bucket-level read access, scoped to the two named buckets.
            - Sid: AmazonSecurityLakeReadBucket
              Effect: Allow
              Action:
                - s3:ListBucket
                - s3:GetBucketLocation
              Resource:
                - !Sub 'arn:aws:s3:::${AmazonSecurityLakeS3BucketName}'
                - !Sub 'arn:aws:s3:::${AmazonSecurityLakeCacheS3Bucket}'
            # Object-level read, write and delete on the same two buckets.
            - Sid: AmazonSecurityLakeWrite
              Effect: Allow
              Action:
                - s3:PutObject
                - s3:PutObjectAcl
                - s3:GetObject
                - s3:GetObjectAcl
                - s3:DeleteObject
                - s3:GetObjectAttributes
              Resource:
                - !Sub 'arn:aws:s3:::${AmazonSecurityLakeS3BucketName}/*'
                - !Sub 'arn:aws:s3:::${AmazonSecurityLakeCacheS3Bucket}/*'
    # AWS managed policy for a Lambda function that polls an SQS queue
    # (SQS receive/delete plus CloudWatch Logs write).
    ManagedPolicyArns:
      - !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole'