AWS Lambda Create a Lambda Function with CloudFromation: Difference between revisions
Jump to navigation
Jump to search
| Line 36: | Line 36: | ||
Statement: | Statement: | ||
- Effect: 'Allow' | - Effect: 'Allow' | ||
Action: | |||
- 'logs:CreateLogGroup' | |||
- 'logs:CreateLogStream' | |||
- 'logs:PutLogEvents' | |||
Resource: | |||
- 'arn:aws:logs:*:*:*' | |||
- Effect: 'Allow' | |||
Action: | Action: | ||
- ' | - 'ec2:CreateNetworkInterface' | ||
- ' | - 'ec2:DescribeNetworkInterfaces' | ||
- ' | - 'ec2:DeleteNetworkInterface' | ||
Resource: | Resource: | ||
- '*' | |||
LambdaExample: | LambdaExample: | ||
Type: "AWS::Lambda::Function" | Type: "AWS::Lambda::Function" | ||
Revision as of 03:37, 8 April 2019
External
Internal
Resource Types
AWS::Lambda::Function
Resources:
LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
RoleName: playground-lambda-execution-role
Path: /service-role/
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Principal:
Service:
- "lambda.amazonaws.com"
Action:
- "sts:AssumeRole"
Policies:
- PolicyName: 'inline-policy'
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Action:
- 'logs:CreateLogGroup'
- 'logs:CreateLogStream'
- 'logs:PutLogEvents'
Resource:
- 'arn:aws:logs:*:*:*'
- Effect: 'Allow'
Action:
- 'ec2:CreateNetworkInterface'
- 'ec2:DescribeNetworkInterfaces'
- 'ec2:DeleteNetworkInterface'
Resource:
- '*'
LambdaExample:
Type: "AWS::Lambda::Function"
Properties:
FunctionName: my-lambda
Description: 'Some description'
Code:
S3Bucket: a-bucket
S3Key: a-deployment-package
# S3ObjectVersion: String
# ZipFile: String
Handler: handler
Runtime: java8
Environment:
Variables:
MY_ENV_VAR: 'my value'
VpcConfig:
SubnetIds:
- red-subnet
SecurityGroupIds:
- ...
MemorySize: 128
Role: !GetAtt LambdaExecutionRole.Arn
Timeout: Integer
ReservedConcurrentExecutions: Integer
DeadLetterConfig:
DeadLetterConfig
KmsKeyArn: String
Layers:
- String
TracingConfig:
TracingConfig
Tags:
Resource Tag