Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- {
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "PermissionsToViewFunctionsInConsole",
- "Effect": "Allow",
- "Action": [
- "lambda:ListFunctions",
- "lambda:GetAccountSettings"
- ],
- "Resource": "*"
- },
- {
- "Sid": "PermissionsToCreateAndUpdateFunction",
- "Effect": "Allow",
- "Action": [
- "lambda:CreateFunction",
- "lambda:GetFunction",
- "lambda:UpdateFunctionCode"
- ],
- "Resource": [
- "arn:aws:lambda:region:AccountID:function:function_name"
- ]
- },
- {
- "Sid": "PermissionToUploadCodeFromS3",
- "Effect": "Allow",
- "Action": "s3:GetObject",
- "Resource": "arn:aws:s3:::S3BucketName/FileName.zip"
- },
- {
- "Sid": "PermissionToListExistingRoles",
- "Effect": "Allow",
- "Action": [
- "iam:ListRoles"
- ],
- "Resource": "*"
- },
- {
- "Sid": "PermissionToPassARole",
- "Effect": "Allow",
- "Action": [
- "iam:PassRole"
- ],
- "Resource": "arn:aws:iam::AccountID:role/role_name"
- },
- {
- "Sid": "ActionsWhichSupportResourceLevelPermissions",
- "Effect": "Allow",
- "Action": [
- "lambda:AddPermission",
- "lambda:RemovePermission",
- "lambda:CreateAlias",
- "lambda:UpdateAlias",
- "lambda:DeleteAlias",
- "lambda:UpdateFunctionCode",
- "lambda:UpdateFunctionConfiguration",
- "lambda:PutFunctionConcurrency",
- "lambda:DeleteFunctionConcurrency",
- "lambda:PublishVersion"
- ],
- "Resource": "arn:aws:lambda:region:AccountID:function:function_name"
- },
- {
- "Sid": "ActionsWhichSupportCondition",
- "Effect": "Allow",
- "Action": [
- "lambda:CreateEventSourceMapping",
- "lambda:UpdateEventSourceMapping",
- "lambda:DeleteEventSourceMapping"
- ],
- "Resource": "*",
- "Condition": {
- "StringEquals": {
- "lambda:FunctionArn": "arn:aws:lambda:region:AccountID:function:function_name"
- }
- }
- },
- {
- "Sid": "ActionsWhichDoNotSupportResourceLevelPermissions",
- "Effect": "Allow",
- "Action": [
- "lambda:UntagResource",
- "lambda:TagResource"
- ],
- "Resource": "*"
- },
- {
- "Sid": "PermissionsToViewRolesAndPolicies",
- "Effect": "Allow",
- "Action": [
- "iam:GetPolicy",
- "iam:GetPolicyVersion",
- "iam:GetRolePolicy",
- "iam:ListRoles",
- "iam:ListRolePolicies",
- "iam:ListAttachedRolePolicies"
- ],
- "Resource": "*"
- }
- ]
- }
Add Comment
Please, Sign In to add comment