Home > Enterprise >  Converting IAM policy into Serverless framework syntax
Converting IAM policy into Serverless framework syntax

Time:07-14

I have the following AWS IAM policy:

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Effect":"Deny",
         "Action":[
            "dynamodb:PartiQLSelect"
         ],
         "Resource":[
            "arn:aws:dynamodb:<region>:<account id>:table/MyDynamoDBTable"
         ],
         "Condition":{
            "Bool":{
               "dynamodb:FullTableScan":[
                  "true"
               ]
            }
         }
      }
   ]
}

How should this be represented in Serverless syntax? I'm not sure how to represent the condition and can't find any examples upon the Serverless website.

I'm guessing it's something like this:

  - Effect: Deny
    Action:
      - dynamodb:PartiQLSelect
    Resource: "arn:aws:dynamodb:<region>:<account id>:table/MyDynamoDBTable"
    Condition:
      - Not sure what to put here

Grateful thanks for any assistance!

CodePudding user response:

It is just a regular JSON to YAML conversion. Plenty of such tools online. But it should be:

- Effect: Deny
  Action:
    - dynamodb:PartiQLSelect
  Resource:
    - arn:aws:dynamodb:<region>:<account id>:table/MyDynamoDBTable
  Condition:
    Bool:
      dynamodb:FullTableScan: ['true']

Page link:https//www.codepudding.com/Enterprise/475347.html

Prev:Exception: The parameters (String) don't match the method signature for SpreadsheetApp.Range.se
Next:Does content encoding only compress for transmission, or also for persistent storage in S3?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding