AWS Lambda Create a Lambda Function with CloudFromation: Difference between revisions
Jump to navigation
Jump to search
Line 36: | Line 36: | ||
Statement: | Statement: | ||
- Effect: 'Allow' | - Effect: 'Allow' | ||
Action: | |||
- 'logs:CreateLogGroup' | |||
- 'logs:CreateLogStream' | |||
- 'logs:PutLogEvents' | |||
Resource: | |||
- 'arn:aws:logs:*:*:*' | |||
- Effect: 'Allow' | |||
Action: | Action: | ||
- ' | - 'ec2:CreateNetworkInterface' | ||
- ' | - 'ec2:DescribeNetworkInterfaces' | ||
- ' | - 'ec2:DeleteNetworkInterface' | ||
Resource: | Resource: | ||
- '*' | |||
LambdaExample: | LambdaExample: | ||
Type: "AWS::Lambda::Function" | Type: "AWS::Lambda::Function" |
Revision as of 03:37, 8 April 2019
External
Internal
Resource Types
AWS::Lambda::Function
Resources: LambdaExecutionRole: Type: AWS::IAM::Role Properties: RoleName: playground-lambda-execution-role Path: /service-role/ AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: 'Allow' Principal: Service: - "lambda.amazonaws.com" Action: - "sts:AssumeRole" Policies: - PolicyName: 'inline-policy' PolicyDocument: Version: '2012-10-17' Statement: - Effect: 'Allow' Action: - 'logs:CreateLogGroup' - 'logs:CreateLogStream' - 'logs:PutLogEvents' Resource: - 'arn:aws:logs:*:*:*' - Effect: 'Allow' Action: - 'ec2:CreateNetworkInterface' - 'ec2:DescribeNetworkInterfaces' - 'ec2:DeleteNetworkInterface' Resource: - '*' LambdaExample: Type: "AWS::Lambda::Function" Properties: FunctionName: my-lambda Description: 'Some description' Code: S3Bucket: a-bucket S3Key: a-deployment-package # S3ObjectVersion: String # ZipFile: String Handler: handler Runtime: java8 Environment: Variables: MY_ENV_VAR: 'my value' VpcConfig: SubnetIds: - red-subnet SecurityGroupIds: - ... MemorySize: 128 Role: !GetAtt LambdaExecutionRole.Arn Timeout: Integer ReservedConcurrentExecutions: Integer DeadLetterConfig: DeadLetterConfig KmsKeyArn: String Layers: - String TracingConfig: TracingConfig Tags: Resource Tag