From f3ce7098fd6158a72e33e3397df97be5bb033c75 Mon Sep 17 00:00:00 2001 From: Chris Park Date: Mon, 8 Jan 2024 10:18:18 +1030 Subject: [PATCH 1/2] adjust lambda:CreateEventSourceMapping scope to match application requirement --- packages/serverless-deploy-iam/bin/app.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/serverless-deploy-iam/bin/app.ts b/packages/serverless-deploy-iam/bin/app.ts index ec62987..1450960 100644 --- a/packages/serverless-deploy-iam/bin/app.ts +++ b/packages/serverless-deploy-iam/bin/app.ts @@ -147,7 +147,6 @@ export class ServiceDeployIAM extends cdk.Stack { "lambda:PutFunctionConcurrency", "lambda:DeleteEventSourceMapping", "lambda:UpdateEventSourceMapping", - "lambda:CreateEventSourceMapping", "lambda:CreateFunctionUrlConfig", "lambda:DeleteFunctionUrlConfig", "lambda:GetFunctionUrlConfig", @@ -160,7 +159,8 @@ export class ServiceDeployIAM extends cdk.Stack { resources: [`*`], actions: [ "lambda:GetEventSourceMapping", - "lambda:ListEventSourceMappings" + "lambda:ListEventSourceMappings", + "lambda:CreateEventSourceMapping" ] }, { From 22162c03aa43f5de528a40d8c45833700f82ec36 Mon Sep 17 00:00:00 2001 From: Chris Park Date: Mon, 8 Jan 2024 10:26:15 +1030 Subject: [PATCH 2/2] add lambda:DeleteFunctionConcurrency scope to match application requirement --- packages/serverless-deploy-iam/bin/app.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/serverless-deploy-iam/bin/app.ts b/packages/serverless-deploy-iam/bin/app.ts index 1450960..c6d3fd1 100644 --- a/packages/serverless-deploy-iam/bin/app.ts +++ b/packages/serverless-deploy-iam/bin/app.ts @@ -152,6 +152,7 @@ export class ServiceDeployIAM extends cdk.Stack { "lambda:GetFunctionUrlConfig", "lambda:ListFunctionUrlConfigs", "lambda:UpdateFunctionUrlConfig", + "lambda:DeleteFunctionConcurrency", ] }, {