AWS SAM Lambda policy for OpenSearch

Time:01-30

I couldn't get a valid IAM policy to work for a Lambda function to OpenSearch.

  Replicate:
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: !Sub ${AWS::StackName}-Replicate
      Description: !Sub
        - Stack ${StackTagName} Environment ${EnvironmentTagName} Function ${ResourceName}
        - ResourceName: DBReplicate
      CodeUri: ../src/Replicate
      Handler: index.handler
      Runtime: nodejs16.x
      MemorySize: 3008
      Timeout: 30
      Tracing: Active
      Policies:
        - PolicyName: Access
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action:
                  - es:*
            Resource:
              - arn:aws:es:eu-west-1:22222222222:domain/mynewdomain
              - DomainName: mynewdomain
      Events:
        MyDynamoDBtable:
          Type: DynamoDB
          Properties:
            Stream: !Ref TableStreamArn
            StartingPosition: TRIM_HORIZON
            BatchSize: 1

Running sam validate, I'm getting:

Policy at index 0 in the 'Policies' property is not valid

CodePudding user response:

Got the answer from another post; the structure was wrong. The correct way is: Add inline policy to aws SAM template

  QueryFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: query/
      Handler: app.lambda_handler
      Policies:
        - AmazonDynamoDBFullAccess
        - AWSLambdaVPCAccessExecutionRole
        - Version: '2012-10-17' # Policy Document
          Statement:
            - Effect: Allow
              Action:
                - dynamodb:*
              Resource: 'arn:aws:dynamodb:*:*:table/dynamo_db_table_endpoint'
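
The same inline-policy structure applied to the function from the question, as an added example that is not part of the original answer: the policy document is a direct list item under Policies, and Resource sits inside the statement. Narrowing es:* to the HTTP data-plane actions and appending /* to the domain ARN are assumptions about what the replication function needs.

```yaml
  Replicate:
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: !Sub ${AWS::StackName}-Replicate
      CodeUri: ../src/Replicate
      Handler: index.handler
      Runtime: nodejs16.x
      Policies:
        # Inline policy document placed directly in the list:
        # no PolicyName / PolicyDocument wrapper (that is the IAM role format,
        # which sam validate rejects here).
        - Version: "2012-10-17"
          Statement:
            - Effect: Allow
              # Assumption: the function only reads and writes documents over
              # HTTP, so data-plane actions replace the original es:*.
              Action:
                - es:ESHttpGet
                - es:ESHttpPost
                - es:ESHttpPut
              # Resource belongs inside the statement, beside Effect and Action.
              # Domain ARN taken from the question; /* covers index and
              # document paths under the domain.
              Resource:
                - arn:aws:es:eu-west-1:22222222222:domain/mynewdomain/*
      Events:
        MyDynamoDBtable:
          Type: DynamoDB
          Properties:
            Stream: !Ref TableStreamArn
            StartingPosition: TRIM_HORIZON
            BatchSize: 1
```

If the stream handler also removes documents, es:ESHttpDelete would need to be added to the Action list.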