| LambdaRole: | |
| Type: 'AWS::IAM::Role' | |
| Properties: | |
| AssumeRolePolicyDocument: | |
| Version: '2012-10-17' | |
| Statement: | |
| - Effect: 'Allow' | |
| Principal: | |
| Service: 'lambda.amazonaws.com' | |
| Action: 'sts:AssumeRole' | |
| Path: '/' | |
| Policies: | |
| - PolicyName: 'LambdaRolePolicy' | |
| PolicyDocument: | |
| Version: '2012-10-17' | |
| Statement: | |
| - Effect: 'Allow' | |
| Action: | |
| - logs:CreateLogGroup | |
| - logs:CreateLogStream | |
| - logs:PutLogEvents | |
| Resource: 'arn:aws:logs:*:*:*' | |
| - Effect: 'Allow' | |
| Action: | |
| - dynamodb:DescribeStream | |
| - dynamodb:GetRecords | |
| - dynamodb:GetShardIterator | |
| - dynamodb:ListStreams | |
| Resource: !GetAtt OrderTable.StreamArn |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment