Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
resources:
Resources:
IamRoleLambda:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
-
Effect: Allow
Principal:
Service: [lambda.amazonaws.com]
Action:
- 'sts:AssumeRole'
Path: /
IamPolicyLambda:
Type: 'AWS::IAM::Policy'
Properties:
PolicyName: '${stage}-${service}-lambda'
PolicyDocument:
Version: '2012-10-17'
Statement:
-
Effect: Allow
Action:
- 'logs:CreateLogGroup'
- 'logs:CreateLogStream'
- 'logs:PutLogEvents'
Resource: 'arn:aws:logs:${region}:*:*'
-
Effect: Allow
Action:
- '*'
Resource: 'arn:aws:dynamodb:*'
Roles:
-
Ref: IamRoleLambda
IamPolicyLambdaInvocationDynamoDB:
Type: 'AWS::IAM::Policy'
Properties:
PolicyName: '${stage}-${service}-dynamo-stream-lambda'
PolicyDocument:
Version: '2012-10-17'
Statement:
-
Effect: Allow
Action:
- 'lambda:InvokeFunction'
Resource: '*'
-
Effect: Allow
Action:
- 'dynamodb:DescribeStream'
- 'dynamodb:GetRecords'
- 'dynamodb:GetShardIterator'
- 'dynamodb:ListStreams'
- 'dynamodb:PutItem'
- 'dynamodb:GetItem'
Resource: 'arn:aws:dynamodb:*'
Roles:
-
Ref: IamRoleLambda
dynamoDBTable:
Type: AWS::DynamoDB::Table
Properties:
TableName: '${service}-tableName-${stage}'
AttributeDefinitions:
-
AttributeName: Id
AttributeType: S
KeySchema:
-
AttributeName: Id
KeyType: HASH
ProvisionedThroughput:
ReadCapacityUnits: 5
WriteCapacityUnits: 5
StreamSpecification:
StreamViewType: NEW_IMAGE
mapping:
Type: AWS::Lambda::EventSourceMapping
Properties:
BatchSize: 10
EventSourceArn:
Fn::GetAtt:
- dynamoDBTable
- StreamArn
FunctionName: '<lambda function ARN>'
StartingPosition: TRIM_HORIZON
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.