-
Notifications
You must be signed in to change notification settings - Fork 3
/
acm.yaml
42 lines (40 loc) · 1.44 KB
/
acm.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: CloudFormation Custom Resource for provisioning and validating an ACM certificate.
Resources:
ACMRegisterFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: acm_register/
Handler: app.handler
Runtime: python3.7
Timeout: 900
Policies:
- Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- acm:RequestCertificate
- acm:DescribeCertificate
- acm:ListCertificates
Resource: '*'
- Effect: Allow
Action:
- route53:ChangeResourceRecordSets
- route53:ListHostedZonesByName
Resource: '*'
- Effect: Allow
Action:
- lambda:AddPermission
- lambda:RemovePermission
- events:PutRule
- events:DeleteRule
- events:PutTargets
- events:RemoveTargets
Resource: '*'
Outputs:
ACMRegisterFunction:
Description: "ARN for ACM Register custom resource function"
Value: !GetAtt ACMRegisterFunction.Arn
Export:
Name: "ACMRegisterFunction"