Using List of IAM Policy Document Objects as AWS::Serverless::Function Policies
According to the documentation for AWS::Serverless::Function in the Serverless Application Model, it is possible to specify a list of IAM Policy Document Objects (PDO) for the Policies property of a Resource.
However, the AWS Toolkit for Visual Studio is flagging a syntax error when I try to define an IAM PDO:
Here is a full example of my Resources section:
"Resources": {
"Example" : {
"Type" : "AWS::Serverless::Function",
"Properties": {
"Handler": "Example::Example.Controllers.ExampleController::ExampleAction",
"Runtime": "dotnetcore2.0",
"CodeUri": "",
"MemorySize": 256,
"Timeout": 30,
"Policies": [{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}
}],
"Events": {
"PutResource": {
"Type": "Api",
"Properties": {
"Path": "/{id}",
"Method": "GET"
}
}
}
}
}
}
Is there something I'm getting wrong, or is there an issue with either SAM or the AWS Toolkit syntax validation?
I just updated the VS CloudFormation schema. The problem should go away the next time you restart Visual Studio.
- AWS Codecommit - fatal: unable to access : The requested URL returned error: 403
- Access denied when put bucket policy on aws s3 bucket with root user (= bucket owner)
- Is PM2 necessary for running docker images through ECS?
- Xcode project fails to find the 'AmplifyModels' file that is generated for iOS project using AWS Amplify DataStore
- Getting 'Could not load credentials from any providers' error while using AWS-SDK in node.js
- Why MS Access works with SQL server ODBC via internet so slow?
- How to confirm user in Cognito User Pools without verifying email or phone?
- cannot set my elastic load balancer with https in cloudformation
- AWS Elastic Beanstalk logging with python (django)
- UnrecognizedClientException error when I try to enable "time to live" on local DynamoDB
- How do I unsubscribe my AWS organization from CloudTrail?
- Getting invalid_client error using next-auth for cognito
- Is it a possible to call a lambda in different account from the cloudformation one?
- Use ECR images in EKS from another account
- Parsing secrets from AWS secrets manager using AWS cli
- Error: pg_config executable not found i try to pip3 psycopg2 with python3.7
- Amazon S3 File Permissions, Access Denied when copied from another account
- AWS: Unused Elastic IP charges
- How to add CORS header to AWS API Gateway response with lambda proxy integration activate
- CORS Access-Control-* headers dropped from AWS Cloudfront Signed URL serving S3 bucket data on a custom domain
- Invalid request provided: AWS::ElasticLoadBalancingV2::ListenerRule Validation exception
- AWS RDS everyday reset my RDS password issue
- AWS CloudFront Leverage browser caching
- Difference between aws-cdk and aws-cdk-lib packages
- Why is it that an NLB in AWS does not require a Security Group?
- S3 policy to perform move action
- Visual Studio 2022: AWS Toolkit broken, won't let me reinstall
- "cannot import name 'DEFAULT_CIPHERS' from 'urllib3.util.ssl_'" on AWS Lambda using a layer
- AWS Textract InvalidParameterException
- Why is the Lambda Target Group unsupported when modifying a Listener using ALB Ingress Controller on EKS?