How to use the cloudform/types/iam.default function in cloudform
To help you get started, we’ve selected a few cloudform examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
aws-amplify / amplify-cli / packages / appsync-elasticsearch-transformer / lib / resources.js View on Github 
{
Action: [
"dynamodb:DescribeStream",
"dynamodb:GetRecords",
"dynamodb:GetShardIterator",
"dynamodb:ListStreams"
],
Effect: "Allow",
Resource: [
cloudform_1.Fn.Join('/', [cloudform_1.Fn.GetAtt(ResourceFactory.DynamoDBTableLogicalID, 'Arn'), 'stream', '*'])
]
}
]
}
}),
new iam_1.default.Role.Policy({
PolicyName: 'CloudWatchLogsAccess',
PolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: "Allow",
Action: [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
Resource: "arn:aws:logs:*:*:*"
}
]
}
}){
Action: [
"dynamodb:DescribeStream",
"dynamodb:GetRecords",
"dynamodb:GetShardIterator",
"dynamodb:ListStreams"
],
Effect: "Allow",
Resource: [
cloudform_1.Fn.Join('/', [cloudform_1.Fn.GetAtt(amplify_graphql_transformer_common_1.ResourceConstants.RESOURCES.DynamoDBModelTableLogicalID, 'Arn'), 'stream', '*'])
]
}
]
}
}),
new iam_1.default.Role.Policy({
PolicyName: 'CloudWatchLogsAccess',
PolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: "Allow",
Action: [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
Resource: "arn:aws:logs:*:*:*"
}
]
}
})ResourceFactory.prototype.makeIAMRole = function (tableId) {
return new iam_1.default.Role({
RoleName: cloudform_1.Fn.Join('-', [cloudform_1.Refs.StackName, tableId, 'role']),
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: 'Allow',
Principal: {
Service: 'appsync.amazonaws.com'
},
Action: 'sts:AssumeRole'
}
]
},
Policies: [
new iam_1.default.Role.Policy({
PolicyName: 'DynamoDBAccess',return new iam_1.default.Role({
RoleName: cloudform_1.Fn.Join('-', [cloudform_1.Refs.StackName, tableId, 'role']),
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: 'Allow',
Principal: {
Service: 'appsync.amazonaws.com'
},
Action: 'sts:AssumeRole'
}
]
},
Policies: [
new iam_1.default.Role.Policy({
PolicyName: 'DynamoDBAccess',
PolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: 'Allow',
Action: [
'dynamodb:BatchGetItem',
'dynamodb:BatchWriteItem',
'dynamodb:PutItem',
'dynamodb:DeleteItem',
'dynamodb:GetItem',
'dynamodb:Scan',
'dynamodb:Query',
'dynamodb:UpdateItem'
],return new iam_1.default.Role({
RoleName: cloudform_1.Fn.Ref(amplify_graphql_transformer_common_1.ResourceConstants.PARAMETERS.ElasticSearchStreamingIAMRoleName),
AssumeRolePolicyDocument: {
Version: "2012-10-17",
Statement: [
{
Effect: "Allow",
Principal: {
Service: "lambda.amazonaws.com"
},
Action: "sts:AssumeRole"
}
]
},
Policies: [
new iam_1.default.Role.Policy({
PolicyName: 'ElasticSearchAccess',
PolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Action: [
"es:ESHttpPost",
"es:ESHttpDelete",
"es:ESHttpHead",
"es:ESHttpGet",
"es:ESHttpPost",
"es:ESHttpPut"
],
Effect: "Allow",
Resource: cloudform_1.Fn.Join('/', [
cloudform_1.Fn.GetAtt(amplify_graphql_transformer_common_1.ResourceConstants.RESOURCES.ElasticSearchDomainLogicalID, 'DomainArn'),return new iam_1.default.Role({
RoleName: cloudform_1.Fn.Ref(ResourceFactory.ParameterIds.StreamingIAMRoleName),
AssumeRolePolicyDocument: {
Version: "2012-10-17",
Statement: [
{
Effect: "Allow",
Principal: {
Service: "lambda.amazonaws.com"
},
Action: "sts:AssumeRole"
}
]
},
Policies: [
new iam_1.default.Role.Policy({
PolicyName: 'ElasticSearchAccess',
PolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Action: [
"es:ESHttpPost",
"es:ESHttpDelete",
"es:ESHttpHead",
"es:ESHttpGet",
"es:ESHttpPost",
"es:ESHttpPut"
],
Effect: "Allow",
Resource: cloudform_1.Fn.Join('/', [
cloudform_1.Fn.GetAtt(ResourceFactory.ElasticSearchDomainLogicalID, 'DomainArn'),cloudform
TypeScript-based imperative way to define AWS CloudFormation templates
Package Health Score
71 / 100Popular cloudform functions
- cloudform
- cloudform.ApiGateway
- cloudform.ApiGateway.BasePathMapping
- cloudform.CloudFront
- cloudform.default
- cloudform.Elasticsearch
- cloudform.Fn
- cloudform.Fn.GetAtt
- cloudform.Fn.ImportValue
- cloudform.Fn.Join
- cloudform.Fn.Ref
- cloudform.IAM.Role
- cloudform.Lambda
- cloudform.NumberParameter
- cloudform.Refs
- cloudform.Route53
- cloudform.Route53.RecordSet
- cloudform.StringParameter
- cloudform/types/appSync.default
- cloudform/types/iam.default