mirror of
https://github.com/serverless/serverless.git
synced 2026-01-18 14:58:43 +00:00
139 lines
2.9 KiB
JSON
139 lines
2.9 KiB
JSON
{
|
|
"AWSTemplateFormatVersion": "2010-09-09",
|
|
"Description": "The AWS CloudFormation template for this Serverless application's resources outside of Lambdas and Api Gateway",
|
|
"Parameters": {
|
|
"aaProjectName": {
|
|
"Type": "String",
|
|
"AllowedValues": []
|
|
},
|
|
"aaProjectDomain": {
|
|
"Type": "String",
|
|
"Default": "myapp.com"
|
|
},
|
|
"aaStage": {
|
|
"Type": "String",
|
|
"AllowedValues": [
|
|
]
|
|
},
|
|
"aaDataModelStage": {
|
|
"Type": "String",
|
|
"AllowedValues": [
|
|
]
|
|
},
|
|
"aaNotficationEmail": {
|
|
"Type": "String",
|
|
"Default": "you@you.com"
|
|
},
|
|
"aaDefaultDynamoRWThroughput": {
|
|
"Type": "String",
|
|
"Default": "1"
|
|
}
|
|
},
|
|
"Resources": {
|
|
"IamRoleLambda": {
|
|
"Type": "AWS::IAM::Role",
|
|
"Properties": {
|
|
"AssumeRolePolicyDocument": {
|
|
"Version": "2012-10-17",
|
|
"Statement": [
|
|
{
|
|
"Effect": "Allow",
|
|
"Principal": {
|
|
"Service": [
|
|
"lambda.amazonaws.com"
|
|
]
|
|
},
|
|
"Action": [
|
|
"sts:AssumeRole"
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"Path": "/"
|
|
}
|
|
},
|
|
"IamInstanceProfileLambda": {
|
|
"Type": "AWS::IAM::InstanceProfile",
|
|
"Properties": {
|
|
"Path": "/",
|
|
"Roles": [
|
|
{
|
|
"Ref": "IamRoleLambda"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"IamGroupLambda": {
|
|
"Type": "AWS::IAM::Group",
|
|
"Properties": {
|
|
"Path": "/"
|
|
}
|
|
},
|
|
"IamPolicyLambda": {
|
|
"Type": "AWS::IAM::Policy",
|
|
"Properties": {
|
|
"PolicyName": {
|
|
"Fn::Join": [
|
|
"_-_",
|
|
[
|
|
{
|
|
"Ref": "aaStage"
|
|
},
|
|
{
|
|
"Ref": "aaProjectName"
|
|
},
|
|
"lambda"
|
|
]
|
|
]
|
|
},
|
|
"PolicyDocument": {
|
|
"Version": "2012-10-17",
|
|
"Statement": [
|
|
{
|
|
"Effect": "Allow",
|
|
"Action": [
|
|
"logs:CreateLogGroup",
|
|
"logs:CreateLogStream",
|
|
"logs:PutLogEvents"
|
|
],
|
|
"Resource": {
|
|
"Fn::Join": [
|
|
":",
|
|
[
|
|
"arn:aws:logs",
|
|
{
|
|
"Ref": "AWS::Region"
|
|
},
|
|
"*:*"
|
|
]
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"Roles": [
|
|
{
|
|
"Ref": "IamRoleLambda"
|
|
}
|
|
],
|
|
"Groups": [
|
|
{
|
|
"Ref": "IamGroupLambda"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"Outputs": {
|
|
"IamRoleArnLambda": {
|
|
"Description": "ARN of the lambda IAM role",
|
|
"Value": {
|
|
"Fn::GetAtt": [
|
|
"IamRoleLambda",
|
|
"Arn"
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|