How can I allow specific lambda to access to a particular s3 bucket in the serverless.yml?
For example, I am porting file upload functionality to lambda by using serverless. To upload a file to a particular s3 bucket, I need to allow lambda to access to that s3 bucket. How can I do this in the serverless.yml?
从无服务器框架 - AWS Lambda 指南 - IAM:
要向此服务范围角色添加特定权限,请定义
provider.iamRoleStatements将合并到生成的策略中的语句。
service: new-service
provider:
name: aws
iamRoleStatements:
- Effect: "Allow"
Action:
- "s3:PutObject"
Resource:
Fn::Join:
- ""
- - "arn:aws:s3:::"
- Ref: ServerlessDeploymentBucket