Skip to content

Missing permissions #21

New issue
New issue
Closed
#22
Closed
Missing permissions#21
#22
@Patrick-56Bit

Description

@Patrick-56Bit
Patrick-56Bit
opened on Nov 22, 2019

Kindly note the lambda-function module has a couple of missing permissions in the role as follows. These can be added using ManagedPolicyArns but would be great if they are added automatically as is already being done with other modules.

If the DeadLetterQueueModule is set, the following permission should be added:

- !If 
            - HasDeadLetterQueueModule
            - Effect: Allow
              Action:
              - 'sqs:SendMessage'
              Resource: {'Fn::ImportValue': !Sub '${DeadLetterQueueModule}-Arn'}
            - !Ref 'AWS::NoValue'

If the TracingConfigMode parameter is set to Active the following permission should be added:

          - !If 
            - HasActiveTracing
            - Effect: Allow
              Action:
              - 'xray:PutTraceSegments'
              Resource: '*'
            - !Ref 'AWS::NoValue'

Thank you.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions