I’m new to SST, I’m new to this <lambda permission...
# helpd
Dan Van Brunt
09/10/2021, 7:30 PMI’m new to SST, I’m new to this lambda permissions property, that appears to just simply take in the instance of a resource. Is there any docs around this? I’m stumbling around CDK docs too to see if I missed some core functionality?
t
thdxr
09/10/2021, 7:35 PMHere are the different ways you can configure permissions: https://docs.serverless-stack.com/util/Permissions
d
Dan Van Brunt
09/10/2021, 8:02 PMThanks @thdxr This is great.
what if I need to give a lambda permissions to an “existing” SSM param? Something that is not defined in the CDK code. Unless there is a way to setup an SSM instance based on an existing ssm name?
Dan Van Brunt
09/10/2021, 8:04 PMIn this case do I just setup specific iam policies?
t
thdxr
09/10/2021, 8:30 PMyeah we should maybe make this easier. Here's what I do, not sure if there's an easier way
Copy code
new iam.PolicyStatement({
resources: [
`arn:aws:ssm:${app.region}:${app.account}:parameter/${app.stage}/*`,
],
actions: ["*"],
effect: iam.Effect.ALLOW,
}),thdxr
09/10/2021, 8:30 PMthat's for querying
/dev/*d
Dan Van Brunt
09/10/2021, 8:35 PMsweet
Dan Van Brunt
09/10/2021, 8:35 PMthanks
Dan Van Brunt
09/10/2021, 8:35 PMI like the use of the stage in the params too.