Skip to content

Instantly share code, notes, and snippets.

@xximjasonxx

xximjasonxx/Role.yaml

Created September 2, 2019 02:29
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save xximjasonxx/7caf21d83043310119ee46ffdaff3086 to your computer and use it in GitHub Desktop.
Save xximjasonxx/7caf21d83043310119ee46ffdaff3086 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Role.yaml
AWSTemplateFormatVersion: 2010-09-09
Description: "Creates infrastructure for Thumnbail Creator"
Resources:
AppRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
AWS: "*"
Service:
- lambda.amazonaws.com
Action:
- "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: "tc-s3-policy"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action: "s3:*"
Resource: "*"
- PolicyName: "tc-lambda-policy"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action: "lambda:*"
Resource: "*"
- PolicyName: "tc-xray-policy"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action: "xray:*"
Resource: "*"
- PolicyName: "tc-logs-policy"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action: "logs:*"
Resource: "arn:aws:logs:*:*:*"
- PolicyName: "tc-cloudwatch-policy"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action: "cloudwatch:*"
Resource: "*"
- PolicyName: tc-rekognition-policy
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action: rekognition:DetectLabels
Resource: "*"
- PolicyName: tc-dynamo-policy
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- "dynamodb:PutItem"
- "dynamodb:Scan"
- "dynamodb:GetItem"
- "dynamodb:Query"
Resource: "*"
RoleName: tc-role
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment