Dan Van Brunt
10/05/2021, 2:08 PMpermissions
prop for a function?
permissions: [
[eventsBucket, 'headObject', 'getObject'],
[
new iam.PolicyStatement({
actions: ['ssm:*'],
effect: iam.Effect.ALLOW,
resources: [`arn:aws:ssm:${REGION}:${ACCOUNT_ID}:parameter${SSM_HUBSPOTAPIKEY}`],
}),
],
],
…this does not work.
in this case, do we have to use…
fun.attachPermissions([
new iam.PolicyStatement({
actions: ["execute-api:Invoke"],
effect: iam.Effect.ALLOW,
resources: [
`arn:aws:execute-api:${region}:${account}:${api.httpApiId}/*`,
],
}),
]);
thdxr
10/05/2021, 2:09 PMDan Van Brunt
10/05/2021, 2:11 PMDan Van Brunt
10/05/2021, 2:11 PMgetObject
is Type 'string' is not assignable to type 'undefined'.
Dan Van Brunt
10/05/2021, 2:12 PMDan Van Brunt
10/05/2021, 2:12 PMthdxr
10/05/2021, 2:15 PMthdxr
10/05/2021, 2:16 PMthdxr
10/05/2021, 2:16 PMDan Van Brunt
10/05/2021, 2:17 PMDan Van Brunt
10/05/2021, 2:17 PMthdxr
10/05/2021, 2:26 PMDan Van Brunt
10/05/2021, 2:37 PMDan Van Brunt
10/05/2021, 2:39 PMDan Van Brunt
10/05/2021, 2:41 PMgrantRead
does in CFN templateDan Van Brunt
10/05/2021, 2:41 PMPermits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan.
Dan Van Brunt
10/05/2021, 2:42 PM