{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "{\"createdOn\":\"Windows\",\"createdBy\":\"Amplify\",\"createdWith\":\"12.7.1\",\"stackType\":\"function-Lambda\",\"metadata\":{}}", "Parameters": { "modules": { "Type": "String", "Default": "", "Description": "Comma-delimited list of modules to be executed by a lambda trigger. Sent to resource as an env variable." }, "resourceName": { "Type": "String", "Default": "" }, "trigger": { "Type": "String", "Default": "true" }, "functionName": { "Type": "String", "Default": "" }, "roleName": { "Type": "String", "Default": "" }, "parentResource": { "Type": "String", "Default": "" }, "parentStack": { "Type": "String", "Default": "" }, "env": { "Type": "String" }, "deploymentBucketName": { "Type": "String" }, "s3Key": { "Type": "String" } }, "Conditions": { "ShouldNotCreateEnvResources": { "Fn::Equals": [ { "Ref": "env" }, "NONE" ] } }, "Resources": { "LambdaFunction": { "Type": "AWS::Lambda::Function", "Metadata": { "aws:asset:path": "./src", "aws:asset:property": "Code" }, "Properties": { "Handler": "index.handler", "FunctionName": { "Fn::If": [ "ShouldNotCreateEnvResources", "SherlockPostAuthentication", { "Fn::Join": [ "", [ "SherlockPostAuthentication", "-", { "Ref": "env" } ] ] } ] }, "Environment": { "Variables": { "ENV": { "Ref": "env" }, "MODULES": { "Ref": "modules" }, "REGION": { "Ref": "AWS::Region" } } }, "Role": { "Fn::GetAtt": [ "LambdaExecutionRole", "Arn" ] }, "Runtime": "nodejs18.x", "Timeout": 25, "Code": { "S3Bucket": { "Ref": "deploymentBucketName" }, "S3Key": { "Ref": "s3Key" } } } }, "LambdaExecutionRole": { "Type": "AWS::IAM::Role", "Properties": { "RoleName": { "Fn::If": [ "ShouldNotCreateEnvResources", "SherlockPostAuthentication", { "Fn::Join": [ "", [ "SherlockPostAuthentication", "-", { "Ref": "env" } ] ] } ] }, "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "lambda.amazonaws.com" ] }, "Action": [ "sts:AssumeRole" ] } ] } } }, "lambdaexecutionpolicy": { "DependsOn": [ "LambdaExecutionRole" ], "Type": "AWS::IAM::Policy", "Properties": { "PolicyName": "lambda-execution-policy", "Roles": [ { "Ref": "LambdaExecutionRole" } ], "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource": { "Fn::Sub": [ "arn:aws:logs:${region}:${account}:log-group:/aws/lambda/${lambda}:log-stream:*", { "region": { "Ref": "AWS::Region" }, "account": { "Ref": "AWS::AccountId" }, "lambda": { "Ref": "LambdaFunction" } } ] } } ] } } } }, "Outputs": { "Name": { "Value": { "Ref": "LambdaFunction" } }, "Arn": { "Value": { "Fn::GetAtt": [ "LambdaFunction", "Arn" ] } }, "LambdaExecutionRole": { "Value": { "Ref": "LambdaExecutionRole" } }, "LambdaExecutionRoleArn": { "Value": { "Fn::GetAtt": [ "LambdaExecutionRole", "Arn" ] } }, "Region": { "Value": { "Ref": "AWS::Region" } } } }