diff --git a/aws-ffmpeg-layer/serverless.yml b/aws-ffmpeg-layer/serverless.yml index abed728c3..ce5ce18e1 100644 --- a/aws-ffmpeg-layer/serverless.yml +++ b/aws-ffmpeg-layer/serverless.yml @@ -1,5 +1,5 @@ service: gifmaker -frameworkVersion: ">=1.34.0 <2.0.0" +frameworkVersion: ">=2.24.0" provider: name: aws diff --git a/aws-golang-dynamo-stream-to-elasticsearch/serverless.yml b/aws-golang-dynamo-stream-to-elasticsearch/serverless.yml index 90b1130d3..19487f294 100644 --- a/aws-golang-dynamo-stream-to-elasticsearch/serverless.yml +++ b/aws-golang-dynamo-stream-to-elasticsearch/serverless.yml @@ -6,33 +6,34 @@ provider: environment: ELASTICSEARCH_URL: Fn::GetAtt: ["PuppySearch", "DomainEndpoint"] - - iamRoleStatements: - - Effect: Allow - Action: - - 'dynamodb:ListTables' - - 'dynamodb:DescribeTable' - - 'dynamodb:DescribeStream' - - 'dynamodb:ListStreams' - - 'dynamodb:GetShardIterator' - - 'dynamodb:BatchGetItem' - - 'dynamodb:GetItem' - - 'dynamodb:Query' - - 'dynamodb:Scan' - - 'dynamodb:DescribeReservedCapacity' - - 'dynamodb:DescribeReservedCapacityOfferings' - - 'dynamodb:GetRecords' - Resource: - - { "Fn::GetAtt": ["PuppyDemo", "Arn"] } - - Effect: Allow - Action: - - es:ESHttpPost - - es:ESHttpPut - - es:ESHttpDelete - - es:ESHttpGet - Resource: - - { "Fn::GetAtt": ["PuppySearch", "DomainArn"] } - - { "Fn::Join": ["", ["Fn::GetAtt": ["PuppySearch", "DomainArn"], "/*"]] } + iam: + role: + statements: + - Effect: Allow + Action: + - 'dynamodb:ListTables' + - 'dynamodb:DescribeTable' + - 'dynamodb:DescribeStream' + - 'dynamodb:ListStreams' + - 'dynamodb:GetShardIterator' + - 'dynamodb:BatchGetItem' + - 'dynamodb:GetItem' + - 'dynamodb:Query' + - 'dynamodb:Scan' + - 'dynamodb:DescribeReservedCapacity' + - 'dynamodb:DescribeReservedCapacityOfferings' + - 'dynamodb:GetRecords' + Resource: + - { "Fn::GetAtt": ["PuppyDemo", "Arn"] } + - Effect: Allow + Action: + - es:ESHttpPost + - es:ESHttpPut + - es:ESHttpDelete + - es:ESHttpGet + Resource: + - { "Fn::GetAtt": ["PuppySearch", "DomainArn"] } + - { "Fn::Join": ["", ["Fn::GetAtt": ["PuppySearch", "DomainArn"], "/*"]] } package: exclude: diff --git a/aws-golang-googlemap/serverless.yml b/aws-golang-googlemap/serverless.yml index 9ed1b7a89..580c38543 100644 --- a/aws-golang-googlemap/serverless.yml +++ b/aws-golang-googlemap/serverless.yml @@ -16,7 +16,7 @@ service: gomapservice # NOTE: update this with your service name # You can pin your service to only deploy with a specific Serverless version # Check out our docs for more details # frameworkVersion: "=X.X.X" -frameworkVersion: ">=1.28.0 <2.0.0" +frameworkVersion: ">=2.24.0" provider: name: aws @@ -29,20 +29,22 @@ provider: region: ap-southeast-1 # you can add statements to the Lambda function's IAM Role here -# iamRoleStatements: -# - Effect: "Allow" -# Action: -# - "s3:ListBucket" -# Resource: { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ] ] } -# - Effect: "Allow" -# Action: -# - "s3:PutObject" -# Resource: -# Fn::Join: -# - "" -# - - "arn:aws:s3:::" -# - "Ref" : "ServerlessDeploymentBucket" -# - "/*" +# iam: +# role: +# statements: +# - Effect: "Allow" +# Action: +# - "s3:ListBucket" +# Resource: { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ] ] } +# - Effect: "Allow" +# Action: +# - "s3:PutObject" +# Resource: +# Fn::Join: +# - "" +# - - "arn:aws:s3:::" +# - "Ref" : "ServerlessDeploymentBucket" +# - "/*" # you can define service wide environment variables here # environment: diff --git a/aws-golang-http-get-post/serverless.yml b/aws-golang-http-get-post/serverless.yml index a98976254..060c867ef 100644 --- a/aws-golang-http-get-post/serverless.yml +++ b/aws-golang-http-get-post/serverless.yml @@ -16,7 +16,7 @@ service: goservice # NOTE: update this with your service name # You can pin your service to only deploy with a specific Serverless version # Check out our docs for more details # frameworkVersion: "=X.X.X" -frameworkVersion: ">=1.28.0 <2.0.0" +frameworkVersion: ">=2.24.0" provider: name: aws @@ -26,21 +26,24 @@ provider: # stage: dev # region: us-east-1 + # you can add statements to the Lambda function's IAM Role here -# iamRoleStatements: -# - Effect: "Allow" -# Action: -# - "s3:ListBucket" -# Resource: { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ] ] } -# - Effect: "Allow" -# Action: -# - "s3:PutObject" -# Resource: -# Fn::Join: -# - "" -# - - "arn:aws:s3:::" -# - "Ref" : "ServerlessDeploymentBucket" -# - "/*" +# iam: +# role: +# statements: +# - Effect: "Allow" +# Action: +# - "s3:ListBucket" +# Resource: { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ] ] } +# - Effect: "Allow" +# Action: +# - "s3:PutObject" +# Resource: +# Fn::Join: +# - "" +# - - "arn:aws:s3:::" +# - "Ref" : "ServerlessDeploymentBucket" +# - "/*" # you can define service wide environment variables here # environment: diff --git a/aws-golang-rest-api-with-dynamodb/serverless.yml b/aws-golang-rest-api-with-dynamodb/serverless.yml index 6749c1964..099a46dcb 100644 --- a/aws-golang-rest-api-with-dynamodb/serverless.yml +++ b/aws-golang-rest-api-with-dynamodb/serverless.yml @@ -1,23 +1,25 @@ app: aws-golang-rest-api-with-dynamodb service: aws-golang-rest-api-with-dynamodb -frameworkVersion: ">=1.1.0 <=2.1.1" +frameworkVersion: ">=2.24.0" provider: name: aws runtime: go1.x environment: DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage} - iamRoleStatements: - - Effect: Allow - Action: - - dynamodb:Query - - dynamodb:Scan - - dynamodb:GetItem - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:DeleteItem - Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" + iam: + role: + statements: + - Effect: Allow + Action: + - dynamodb:Query + - dynamodb:Scan + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + - dynamodb:DeleteItem + Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" functions: create: diff --git a/aws-golang-s3-file-replicator/serverless.yml b/aws-golang-s3-file-replicator/serverless.yml index 614122479..32705772b 100644 --- a/aws-golang-s3-file-replicator/serverless.yml +++ b/aws-golang-s3-file-replicator/serverless.yml @@ -1,5 +1,5 @@ service: aws-golang-s3-file-replicator -frameworkVersion: ">=1.28.0 <2.0.0" +frameworkVersion: ">=2.24.0" custom: inputBucket: replicator-input-101 @@ -12,15 +12,17 @@ provider: region: ap-northeast-1 memorySize: 128 timeout: 30 - iamRoleStatements: - - Effect: Allow - Action: - - s3:* - Resource: "arn:aws:s3:::${self:custom.outputBucket}/*" - - Effect: Allow - Action: - - s3:* - Resource: "arn:aws:s3:::${self:custom.inputBucket}/*" + iam: + role: + statements: + - Effect: Allow + Action: + - s3:* + Resource: "arn:aws:s3:::${self:custom.outputBucket}/*" + - Effect: Allow + Action: + - s3:* + Resource: "arn:aws:s3:::${self:custom.inputBucket}/*" package: exclude: diff --git a/aws-node-dynamodb-backup/serverless.yml b/aws-node-dynamodb-backup/serverless.yml index db56f3a6b..22e8120d1 100644 --- a/aws-node-dynamodb-backup/serverless.yml +++ b/aws-node-dynamodb-backup/serverless.yml @@ -9,18 +9,20 @@ provider: name: aws runtime: nodejs12.x stage: staging - iamRoleStatements: - - Effect: Allow - Action: - - s3:PutObject - Resource: "arn:aws:s3:::${self:custom.bucket}/${self:custom.prefix}/${self:custom.dynamoDBTableName}/*" - - Effect: Allow - Action: - - "dynamodb:GetRecords" - - "dynamodb:GetShardIterator" - - "dynamodb:DescribeStream" - - "dynamodb:ListStreams" - Resource: "arn:aws:dynamodb:ap-southeast-1:*:table/${self:custom.dynamoDBTableName}/stream/*" + iam: + role: + statements: + - Effect: Allow + Action: + - s3:PutObject + Resource: "arn:aws:s3:::${self:custom.bucket}/${self:custom.prefix}/${self:custom.dynamoDBTableName}/*" + - Effect: Allow + Action: + - "dynamodb:GetRecords" + - "dynamodb:GetShardIterator" + - "dynamodb:DescribeStream" + - "dynamodb:ListStreams" + Resource: "arn:aws:dynamodb:ap-southeast-1:*:table/${self:custom.dynamoDBTableName}/stream/*" functions: backup: diff --git a/aws-node-fetch-file-and-store-in-s3/serverless.yml b/aws-node-fetch-file-and-store-in-s3/serverless.yml index 817d5c60a..e5382a928 100644 --- a/aws-node-fetch-file-and-store-in-s3/serverless.yml +++ b/aws-node-fetch-file-and-store-in-s3/serverless.yml @@ -1,6 +1,6 @@ service: fetch-file-and-store-in-s3 -frameworkVersion: ">=1.1.0" +frameworkVersion: ">=2.24.0" custom: bucket: @@ -10,12 +10,14 @@ provider: runtime: nodejs12.x stage: dev region: us-west-1 - iamRoleStatements: - - Effect: Allow - Action: - - s3:PutObject - - s3:PutObjectAcl - Resource: "arn:aws:s3:::${self:custom.bucket}/*" + iam: + role: + statements: + - Effect: Allow + Action: + - s3:PutObject + - s3:PutObjectAcl + Resource: "arn:aws:s3:::${self:custom.bucket}/*" functions: save: diff --git a/aws-node-graphql-and-rds/serverless.yml b/aws-node-graphql-and-rds/serverless.yml index 5d72036a6..c5a3ddd6d 100755 --- a/aws-node-graphql-and-rds/serverless.yml +++ b/aws-node-graphql-and-rds/serverless.yml @@ -6,7 +6,8 @@ provider: stage: dev memorySize: 256 runtime: nodejs12.x - role: LambdaRole + iam: + role: LambdaRole environment: #aurora AURORA_HOST: ${self:custom.AURORA.HOST} diff --git a/aws-node-graphql-api-with-dynamodb/serverless.yml b/aws-node-graphql-api-with-dynamodb/serverless.yml index 77056d5f5..0ad20a8c6 100644 --- a/aws-node-graphql-api-with-dynamodb/serverless.yml +++ b/aws-node-graphql-api-with-dynamodb/serverless.yml @@ -5,12 +5,14 @@ provider: runtime: nodejs10.x environment: DYNAMODB_TABLE: ${self:service}-${self:provider.stage} - iamRoleStatements: - - Effect: Allow - Action: - - dynamodb:GetItem - - dynamodb:UpdateItem - Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" + iam: + role: + statements: + - Effect: Allow + Action: + - dynamodb:GetItem + - dynamodb:UpdateItem + Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" functions: query: diff --git a/aws-node-recursive-function/serverless.yml b/aws-node-recursive-function/serverless.yml index 1a39d9e90..d5de4d4fc 100644 --- a/aws-node-recursive-function/serverless.yml +++ b/aws-node-recursive-function/serverless.yml @@ -7,12 +7,14 @@ custom: provider: name: aws runtime: nodejs12.x -# iamRoleStatements: -# - Effect: "Allow" -# Action: -# - "lambda:InvokeFunction" -# Resource: ${self:custom.functionARN} +# iam: +# role: +# statements: +# - Effect: "Allow" +# Action: +# - "lambda:InvokeFunction" +# Resource: ${self:custom.functionARN} functions: recursiveExample: - handler: handler.recursiveLambda \ No newline at end of file + handler: handler.recursiveLambda diff --git a/aws-node-rekognition-analysis-s3-image/serverless.yml b/aws-node-rekognition-analysis-s3-image/serverless.yml index 2e1712a13..37598200a 100644 --- a/aws-node-rekognition-analysis-s3-image/serverless.yml +++ b/aws-node-rekognition-analysis-s3-image/serverless.yml @@ -9,16 +9,17 @@ provider: timeout: 10 stage: dev region: us-east-1 - - iamRoleStatements: - - Effect: Allow - Action: - - s3:* - Resource: "*" - - Effect: "Allow" - Action: - - "rekognition:*" - Resource: "*" + iam: + role: + statements: + - Effect: Allow + Action: + - s3:* + Resource: "*" + - Effect: "Allow" + Action: + - "rekognition:*" + Resource: "*" functions: imageAnalysis: diff --git a/aws-node-rest-api-with-dynamodb-and-offline/serverless.yml b/aws-node-rest-api-with-dynamodb-and-offline/serverless.yml index 83820eb2f..14995c42c 100644 --- a/aws-node-rest-api-with-dynamodb-and-offline/serverless.yml +++ b/aws-node-rest-api-with-dynamodb-and-offline/serverless.yml @@ -1,6 +1,6 @@ service: serverless-rest-api-with-dynamodb -frameworkVersion: ">=1.1.0 <=2.4.0" +frameworkVersion: ">=2.24.0" plugins: - serverless-dynamodb-local @@ -24,16 +24,18 @@ provider: runtime: nodejs12.x environment: DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage} - iamRoleStatements: - - Effect: Allow - Action: - - dynamodb:Query - - dynamodb:Scan - - dynamodb:GetItem - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:DeleteItem - Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" + iam: + role: + statements: + - Effect: Allow + Action: + - dynamodb:Query + - dynamodb:Scan + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + - dynamodb:DeleteItem + Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" functions: create: diff --git a/aws-node-rest-api-with-dynamodb/serverless.yml b/aws-node-rest-api-with-dynamodb/serverless.yml index 4b95d8e44..ef96320ec 100644 --- a/aws-node-rest-api-with-dynamodb/serverless.yml +++ b/aws-node-rest-api-with-dynamodb/serverless.yml @@ -7,16 +7,18 @@ provider: runtime: nodejs10.x environment: DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage} - iamRoleStatements: - - Effect: Allow - Action: - - dynamodb:Query - - dynamodb:Scan - - dynamodb:GetItem - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:DeleteItem - Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" + iam: + role: + statements: + - Effect: Allow + Action: + - dynamodb:Query + - dynamodb:Scan + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + - dynamodb:DeleteItem + Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" functions: create: diff --git a/aws-node-ses-receive-email-body/serverless.yml b/aws-node-ses-receive-email-body/serverless.yml index 9e9b8710f..6022e77a1 100644 --- a/aws-node-ses-receive-email-body/serverless.yml +++ b/aws-node-ses-receive-email-body/serverless.yml @@ -1,6 +1,6 @@ service: aws-node-ses-receive-email-body -frameworkVersion: ">=1.1.0" +frameworkVersion: ">=2.24.0" custom: bucket: sesreceiveemailbody @@ -10,11 +10,13 @@ provider: name: aws runtime: nodejs12.x region: eu-west-1 - iamRoleStatements: - - Effect: Allow - Action: - - s3:* - Resource: "*" + iam: + role: + statements: + - Effect: Allow + Action: + - s3:* + Resource: "*" functions: postprocess: @@ -43,4 +45,4 @@ resources: Fn::Join: ['', ['arn:aws:s3:::', Ref: "${self:custom.bucketRef}", '/*'] ] Condition: StringEquals: - "aws:Referer": { Ref: AWS::AccountId } \ No newline at end of file + "aws:Referer": { Ref: AWS::AccountId } diff --git a/aws-node-signed-uploads/serverless.yml b/aws-node-signed-uploads/serverless.yml index 71d19b802..e738461a9 100644 --- a/aws-node-signed-uploads/serverless.yml +++ b/aws-node-signed-uploads/serverless.yml @@ -22,11 +22,13 @@ provider: REGION: ${self:provider.region} BUCKET: { Ref: Uploads } versionFunctions: false - iamRoleStatements: - - Effect: "Allow" - Action: - - "s3:*" - Resource: "*" + iam: + role: + statements: + - Effect: "Allow" + Action: + - "s3:*" + Resource: "*" functions: upsert-objects: diff --git a/aws-node-simple-transcribe-s3/serverless.yml b/aws-node-simple-transcribe-s3/serverless.yml index 72980b979..53e96cceb 100644 --- a/aws-node-simple-transcribe-s3/serverless.yml +++ b/aws-node-simple-transcribe-s3/serverless.yml @@ -7,18 +7,20 @@ provider: S3_AUDIO_BUCKET: ${self:service}-${opt:stage, self:provider.stage}-records S3_TRANSCRIPTION_BUCKET: ${self:service}-${opt:stage, self:provider.stage}-transcriptions LANGUAGE_CODE: en-US - iamRoleStatements: - - Effect: Allow - Action: - - s3:PutObject - - s3:GetObject - Resource: - - 'arn:aws:s3:::${self:provider.environment.S3_AUDIO_BUCKET}/*' - - 'arn:aws:s3:::${self:provider.environment.S3_TRANSCRIPTION_BUCKET}/*' - - Effect: Allow - Action: - - transcribe:StartTranscriptionJob - Resource: '*' + iam: + role: + statements: + - Effect: Allow + Action: + - s3:PutObject + - s3:GetObject + Resource: + - 'arn:aws:s3:::${self:provider.environment.S3_AUDIO_BUCKET}/*' + - 'arn:aws:s3:::${self:provider.environment.S3_TRANSCRIPTION_BUCKET}/*' + - Effect: Allow + Action: + - transcribe:StartTranscriptionJob + Resource: '*' functions: transcribe: diff --git a/aws-node-stripe-integration/serverless.yml b/aws-node-stripe-integration/serverless.yml index 5426b1c28..e558fed72 100644 --- a/aws-node-stripe-integration/serverless.yml +++ b/aws-node-stripe-integration/serverless.yml @@ -24,13 +24,15 @@ provider: region: us-east-1 # you can add statements to the Lambda function's IAM Role here -# iamRoleStatements: -# - Effect: "Allow" -# Action: -# - "lambda:InvokeAsync" -# - "lambda:InvokeFunction" -# Resource: -# - "*" +# iam: +# role: +# statements: +# - Effect: "Allow" +# Action: +# - "lambda:InvokeAsync" +# - "lambda:InvokeFunction" +# Resource: +# - "*" # you can define service wide environment variables here # environment: @@ -50,4 +52,4 @@ functions: events: - http: path: stripe/incoming - method: post \ No newline at end of file + method: post diff --git a/aws-node-text-analysis-via-sns-post-processing/serverless.yml b/aws-node-text-analysis-via-sns-post-processing/serverless.yml index b0888fe46..fe41df982 100644 --- a/aws-node-text-analysis-via-sns-post-processing/serverless.yml +++ b/aws-node-text-analysis-via-sns-post-processing/serverless.yml @@ -7,11 +7,13 @@ provider: runtime: nodejs12.x region: us-east-1 stage: dev - iamRoleStatements: - - Effect: "Allow" - Resource: "*" - Action: - - "sns:*" + iam: + role: + statements: + - Effect: "Allow" + Resource: "*" + Action: + - "sns:*" functions: addNote: diff --git a/aws-node-typescript-kinesis/serverless.yml b/aws-node-typescript-kinesis/serverless.yml index 3879b7bcf..5ea8b11f4 100644 --- a/aws-node-typescript-kinesis/serverless.yml +++ b/aws-node-typescript-kinesis/serverless.yml @@ -7,13 +7,15 @@ plugins: provider: name: aws runtime: nodejs12.x - iamRoleStatements: - - Effect: Allow - Action: - - kinesis:PutRecord - - kinesis:PutRecords - Resource: - - Fn::GetAtt: [ kinesisStream, Arn ] + iam: + role: + statements: + - Effect: Allow + Action: + - kinesis:PutRecord + - kinesis:PutRecords + Resource: + - Fn::GetAtt: [ kinesisStream, Arn ] functions: producer: diff --git a/aws-node-typescript-rest-api-with-dynamodb/serverless.yml b/aws-node-typescript-rest-api-with-dynamodb/serverless.yml index b18a0bac1..1cf4d9850 100644 --- a/aws-node-typescript-rest-api-with-dynamodb/serverless.yml +++ b/aws-node-typescript-rest-api-with-dynamodb/serverless.yml @@ -8,16 +8,18 @@ provider: region: eu-west-2 environment: DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage} - iamRoleStatements: - - Effect: Allow - Action: - - dynamodb:Query - - dynamodb:Scan - - dynamodb:GetItem - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:DeleteItem - Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" + iam: + role: + statements: + - Effect: Allow + Action: + - dynamodb:Query + - dynamodb:Scan + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + - dynamodb:DeleteItem + Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" functions: create: diff --git a/aws-node-typescript-sqs-standard/serverless.yml b/aws-node-typescript-sqs-standard/serverless.yml index 3df428489..122931564 100644 --- a/aws-node-typescript-sqs-standard/serverless.yml +++ b/aws-node-typescript-sqs-standard/serverless.yml @@ -7,12 +7,14 @@ plugins: provider: name: aws runtime: nodejs10.x - iamRoleStatements: - - Effect: Allow - Action: - - sqs:SendMessage - Resource: - - Fn::GetAtt: [ receiverQueue, Arn ] + iam: + role: + statements: + - Effect: Allow + Action: + - sqs:SendMessage + Resource: + - Fn::GetAtt: [ receiverQueue, Arn ] functions: sender: @@ -35,4 +37,4 @@ resources: receiverQueue: Type: AWS::SQS::Queue Properties: - QueueName: receiverQueue \ No newline at end of file + QueueName: receiverQueue diff --git a/aws-python-pynamodb-s3-sigurl/serverless.yml b/aws-python-pynamodb-s3-sigurl/serverless.yml index c9520ae00..ac13d72ba 100644 --- a/aws-python-pynamodb-s3-sigurl/serverless.yml +++ b/aws-python-pynamodb-s3-sigurl/serverless.yml @@ -1,6 +1,6 @@ service: aws-python-pynamodb-s3-sigurl -frameworkVersion: ">=1.1.0 <2.0.0" +frameworkVersion: ">=2.24.0" plugins: - serverless-python-requirements @@ -54,22 +54,23 @@ provider: S3_BUCKET: ${self:custom.s3_bucket} S3_KEY_BASE: ${self:custom.s3_key_base} URL_DEFAULT_TTL: ${self:custom.url_default_ttl} - iamRoleStatements: - - Effect: Allow - Action: - - dynamodb:Query - - dynamodb:Scan - - dynamodb:GetItem - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:DeleteItem - - dynamodb:DescribeTable - Resource: ${self:custom.dynamodb_arn} - - - Effect: Allow - Action: - - s3:* - Resource: ${self:custom.s3_role_resource} + iam: + role: + statements: + - Effect: Allow + Action: + - dynamodb:Query + - dynamodb:Scan + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + - dynamodb:DeleteItem + - dynamodb:DescribeTable + Resource: ${self:custom.dynamodb_arn} + - Effect: Allow + Action: + - s3:* + Resource: ${self:custom.s3_role_resource} functions: create: diff --git a/aws-python-rest-api-with-dynamodb/serverless.yml b/aws-python-rest-api-with-dynamodb/serverless.yml index fac75dad7..33850e57c 100644 --- a/aws-python-rest-api-with-dynamodb/serverless.yml +++ b/aws-python-rest-api-with-dynamodb/serverless.yml @@ -1,22 +1,24 @@ service: serverless-rest-api-with-dynamodb -frameworkVersion: ">=1.1.0 <=2.1.1" +frameworkVersion: ">=2.24.0" provider: name: aws runtime: python3.8 environment: DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage} - iamRoleStatements: - - Effect: Allow - Action: - - dynamodb:Query - - dynamodb:Scan - - dynamodb:GetItem - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:DeleteItem - Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" + iam: + role: + statements: + - Effect: Allow + Action: + - dynamodb:Query + - dynamodb:Scan + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + - dynamodb:DeleteItem + Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" functions: create: diff --git a/aws-python-rest-api-with-pymongo/serverless.yml b/aws-python-rest-api-with-pymongo/serverless.yml index f7f455c13..6fd271dd9 100644 --- a/aws-python-rest-api-with-pymongo/serverless.yml +++ b/aws-python-rest-api-with-pymongo/serverless.yml @@ -1,6 +1,6 @@ service: serverless-pymongo-item-api -frameworkVersion: ">=1.1.0 <2.0.0" +frameworkVersion: ">=2.24.0" plugins: - serverless-python-requirements @@ -14,8 +14,10 @@ provider: MONGO_DB_NAME: ${env:MONGO_DB_NAME} MONGO_DB_URL: ${env:MONGO_DB_URL} MONGO_COLLECTION_NAME: ${env:MONGO_COLLECTION_NAME} - iamManagedPolicies: - - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + iam: + role: + managedPolicies: + - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" functions: create: diff --git a/aws-python-rest-api-with-pynamodb/serverless.yml b/aws-python-rest-api-with-pynamodb/serverless.yml index 3fc10dcf9..ad31811d6 100644 --- a/aws-python-rest-api-with-pynamodb/serverless.yml +++ b/aws-python-rest-api-with-pynamodb/serverless.yml @@ -1,6 +1,6 @@ service: serverless-rest-api-with-pynamodb -frameworkVersion: ">=1.1.0 <2.0.0" +frameworkVersion: ">=2.24.0" plugins: - serverless-python-requirements @@ -22,17 +22,19 @@ provider: region: eu-central-1 environment: DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage} - iamRoleStatements: - - Effect: Allow - Action: - - dynamodb:Query - - dynamodb:Scan - - dynamodb:GetItem - - dynamodb:PutItem - - dynamodb:UpdateItem - - dynamodb:DeleteItem - - dynamodb:DescribeTable - Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" + iam: + role: + statements: + - Effect: Allow + Action: + - dynamodb:Query + - dynamodb:Scan + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + - dynamodb:DeleteItem + - dynamodb:DescribeTable + Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" functions: create: