diff --git a/serverless-config.yml b/serverless-config.yml index a1c8c12..9d81c1b 100644 --- a/serverless-config.yml +++ b/serverless-config.yml @@ -1,7 +1,4 @@ lambda: - install: - roleName: calendar2slack-prod-us-east-1-lambdaRole - policyName: calendar2slack-prod-us-east-1-lambdaRole-policy update: roleName: hudl-cal2slack-lambda-update policyName: hudl-cal2slack-lambda-update-policy diff --git a/serverless.yml b/serverless.yml index 90c0df0..b6a1de8 100644 --- a/serverless.yml +++ b/serverless.yml @@ -30,7 +30,7 @@ functions: - http: path: 'slack/install' method: get - role: slackInstallRole + role: slackbotRole create-user: handler: src/index.createUser events: @@ -201,61 +201,6 @@ resources: - Ref: 'AWS::Region' - Ref: 'AWS::AccountId' - 'table/cal2slack-usersettings' - slackInstallRole: - Type: AWS::IAM::Role - Properties: - Path: / - RoleName: ${self:custom.lambda.install.roleName} - AssumeRolePolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Principal: - Service: - - lambda.amazonaws.com - Action: sts:AssumeRole - Policies: - - PolicyName: ${self:custom.lambda.install.policyName} - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:CreateLogGroup - - logs:CreateLogStream - - logs:PutLogEvents - Resource: - - 'Fn::Join': - - ':' - - - 'arn:aws:logs' - - Ref: 'AWS::Region' - - Ref: 'AWS::AccountId' - - 'log-group:/aws/lambda/*:*:*' - - Effect: Allow - Action: - - secretsmanager:GetSecretValue - Resource: - - 'Fn::Join': - - ':' - - - 'arn:aws:secretsmanager' - - Ref: 'AWS::Region' - - Ref: 'AWS::AccountId' - - 'secret:${self:custom.lambda.slackbot.secretsPrefix}/*' - - Effect: Allow - Action: - - dynamodb:Scan - - dynamodb:Query - - dynamodb:GetItem - - dynamodb:BatchGetItem - - dynamodb:PutItem - - dynamodb:UpdateItem - Resource: - - 'Fn::Join': - - ':' - - - 'arn:aws:dynamodb' - - Ref: 'AWS::Region' - - Ref: 'AWS::AccountId' - - 'table/cal2slack-usersettings' Outputs: UserSettingsTableArn: Description: 'The ARN for the cal2slack-usersettings table'