Showcase & Source Code

Implementation details

Setup

Setup

Type: AWS::Serverless::Function
Properties:
Layers: ["arn:aws:lambda:eu-west-1:209497400698:layer:php-80:9"]

Composer

What are the least privileges required for AWS SAM?

Policy

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"cloudformation:CreateChangeSet",
"cloudformation:GetTemplateSummary",
"cloudformation:DescribeStacks",
"cloudformation:DescribeStackEvents",
"cloudformation:DeleteStack",
"cloudformation:DescribeChangeSet",
"cloudformation:ExecuteChangeSet",
"iam:AttachRolePolicy",
"iam:CreateRole",
"iam:DeleteRole",
"iam:GetRole",
"iam:UntagRole",
"iam:ListRoleTags",
"iam:TagRole",
"iam:PassRole",
"iam:DetachRolePolicy",
"lambda:GetFunction",
"lambda:CreateFunction",
"lambda:DeleteFunction",
"lambda:GetFunctionConfiguration",
"s3:PutObject",
"s3:GetObject"
],
"Resource": [
"arn:aws:cloudformation:((region)):((account-id)):stack/((stack-name))/*",
"arn:aws:cloudformation:((region)):aws:transform/Serverless-2016-10-31",
"arn:aws:iam::((account-id)):role/((stack-name))-*",
"arn:aws:lambda:((region)):((account-id)):function:((stack-name))-*",
"arn:aws:s3:::((deployment-bucket))/*"
]
}
]
}

Rizart Dokollari

Software Engineer @ https://www.hussle.com/

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store